Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-33036 (GCVE-0-2026-33036)
Vulnerability from cvelistv5 – Published: 2026-03-20 05:17 – Updated: 2026-03-25 13:57
VLAI?
EPSS
Title
fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)
Summary
fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Versions 4.0.0-beta.3 through 5.5.5 contain a bypass vulnerability where numeric character references (&#NNN;, &#xHH;) and standard XML entities completely evade the entity expansion limits (e.g., maxTotalExpansions, maxExpandedLength) added to fix CVE-2026-26278, enabling XML entity expansion Denial of Service. The root cause is that replaceEntitiesValue() in OrderedObjParser.js only enforces expansion counting on DOCTYPE-defined entities while the lastEntities loop handling numeric/standard entities performs no counting at all. An attacker supplying 1M numeric entity references like A can force ~147MB of memory allocation and heavy CPU usage, potentially crashing the process—even when developers have configured strict limits. This issue has been fixed in version 5.5.6.
Severity ?
7.5 (High)
CWE
- CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NaturalIntelligence | fast-xml-parser |
Affected:
>= 4.0.0-beta.3, < 5.5.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33036",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T13:57:14.886976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T13:57:58.233Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "fast-xml-parser",
"vendor": "NaturalIntelligence",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0-beta.3, \u003c 5.5.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Versions 4.0.0-beta.3 through 5.5.5 contain a bypass vulnerability where numeric character references (\u0026#NNN;, \u0026#xHH;) and standard XML entities completely evade the entity expansion limits (e.g., maxTotalExpansions, maxExpandedLength) added to fix CVE-2026-26278, enabling XML entity expansion Denial of Service. The root cause is that replaceEntitiesValue() in OrderedObjParser.js only enforces expansion counting on DOCTYPE-defined entities while the lastEntities loop handling numeric/standard entities performs no counting at all. An attacker supplying 1M numeric entity references like \u0026#65; can force ~147MB of memory allocation and heavy CPU usage, potentially crashing the process\u2014even when developers have configured strict limits. This issue has been fixed in version 5.5.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-776",
"description": "CWE-776: Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T05:17:03.290Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r"
},
{
"name": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"
},
{
"name": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6"
}
],
"source": {
"advisory": "GHSA-8gc5-j5rx-235r",
"discovery": "UNKNOWN"
},
"title": "fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-33036",
"datePublished": "2026-03-20T05:17:03.290Z",
"dateReserved": "2026-03-17T18:10:50.210Z",
"dateUpdated": "2026-03-25T13:57:58.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-33036",
"date": "2026-04-23",
"epss": "0.00019",
"percentile": "0.05264"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-33036\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-20T06:16:11.630\",\"lastModified\":\"2026-03-23T16:28:10.930\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Versions 4.0.0-beta.3 through 5.5.5 contain a bypass vulnerability where numeric character references (\u0026#NNN;, \u0026#xHH;) and standard XML entities completely evade the entity expansion limits (e.g., maxTotalExpansions, maxExpandedLength) added to fix CVE-2026-26278, enabling XML entity expansion Denial of Service. The root cause is that replaceEntitiesValue() in OrderedObjParser.js only enforces expansion counting on DOCTYPE-defined entities while the lastEntities loop handling numeric/standard entities performs no counting at all. An attacker supplying 1M numeric entity references like \u0026#65; can force ~147MB of memory allocation and heavy CPU usage, potentially crashing the process\u2014even when developers have configured strict limits. This issue has been fixed in version 5.5.6.\"},{\"lang\":\"es\",\"value\":\"fast-xml-parser permite a los usuarios procesar XML desde objetos JS sin bibliotecas basadas en C/C++ ni callbacks. Las versiones 4.0.0-beta.3 hasta la 5.5.5 contienen una vulnerabilidad de bypass donde las referencias de caracteres num\u00e9ricos (\u0026amp;#NNN;, \u0026amp;#xHH;) y las entidades XML est\u00e1ndar evaden completamente los l\u00edmites de expansi\u00f3n de entidades (p. ej., maxTotalExpansions, maxExpandedLength) a\u00f1adidos para corregir CVE-2026-26278, lo que permite la denegaci\u00f3n de servicio por expansi\u00f3n de entidades XML. La causa ra\u00edz es que replaceEntitiesValue() en OrderedObjParser.js solo aplica el conteo de expansi\u00f3n en entidades definidas en DOCTYPE, mientras que el bucle lastEntities que maneja las entidades num\u00e9ricas/est\u00e1ndar no realiza ning\u00fan conteo. Un atacante que suministre 1M de referencias de entidades num\u00e9ricas como A puede forzar una asignaci\u00f3n de memoria de ~147MB y un uso intensivo de CPU, lo que podr\u00eda bloquear el proceso, incluso cuando los desarrolladores han configurado l\u00edmites estrictos. Este problema ha sido corregido en la versi\u00f3n 5.5.6.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-776\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:naturalintelligence:fast-xml-parser:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.1\",\"versionEndExcluding\":\"5.5.6\",\"matchCriteriaId\":\"AB9177BC-BACD-4367-9063-398ACE2AB4A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2398B145-2ED8-4197-8838-FAE7AD7666E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"44B6C4BE-69F4-4651-80EE-055D1F99F7EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B32E8C4-15A7-466D-98A7-9EDD6B45F883\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"23CDA792-75FA-48A7-8577-4266A0BFB3A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4B7FD7D-0059-4D5B-898D-539AB43AA24A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"42844DDE-AD5B-4684-8104-1C2D133C6098\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"C045B7F2-16A9-47C9-B08D-71847A940B93\"}]}]}],\"references\":[{\"url\":\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33036\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-25T13:57:14.886976Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-25T13:57:44.654Z\"}}], \"cna\": {\"title\": \"fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)\", \"source\": {\"advisory\": \"GHSA-8gc5-j5rx-235r\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"NaturalIntelligence\", \"product\": \"fast-xml-parser\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 4.0.0-beta.3, \u003c 5.5.6\"}]}], \"references\": [{\"url\": \"https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r\", \"name\": \"https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01\", \"name\": \"https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6\", \"name\": \"https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Versions 4.0.0-beta.3 through 5.5.5 contain a bypass vulnerability where numeric character references (\u0026#NNN;, \u0026#xHH;) and standard XML entities completely evade the entity expansion limits (e.g., maxTotalExpansions, maxExpandedLength) added to fix CVE-2026-26278, enabling XML entity expansion Denial of Service. The root cause is that replaceEntitiesValue() in OrderedObjParser.js only enforces expansion counting on DOCTYPE-defined entities while the lastEntities loop handling numeric/standard entities performs no counting at all. An attacker supplying 1M numeric entity references like \u0026#65; can force ~147MB of memory allocation and heavy CPU usage, potentially crashing the process\\u2014even when developers have configured strict limits. This issue has been fixed in version 5.5.6.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-776\", \"description\": \"CWE-776: Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-20T05:17:03.290Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-33036\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-25T13:57:58.233Z\", \"dateReserved\": \"2026-03-17T18:10:50.210Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-20T05:17:03.290Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
GHSA-8GC5-J5RX-235R
Vulnerability from github – Published: 2026-03-17 19:45 – Updated: 2026-03-25 14:31
VLAI?
Summary
fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)
Details
Summary
The fix for CVE-2026-26278 added entity expansion limits (maxTotalExpansions, maxExpandedLength, maxEntityCount, maxEntitySize) to prevent XML entity expansion Denial of Service. However, these limits are only enforced for DOCTYPE-defined entities. Numeric character references (&#NNN; and &#xHH;) and standard XML entities (<, >, etc.) are processed through a separate code path that does NOT enforce any expansion limits.
An attacker can use massive numbers of numeric entity references to completely bypass all configured limits, causing excessive memory allocation and CPU consumption.
Affected Versions
fast-xml-parser v5.x through v5.5.3 (and likely v5.5.5 on npm)
Root Cause
In src/xmlparser/OrderedObjParser.js, the replaceEntitiesValue() function has two separate entity replacement loops:
- Lines 638-670: DOCTYPE entities — expansion counting with
entityExpansionCountandcurrentExpandedLengthtracking. This was the CVE-2026-26278 fix. - Lines 674-677:
lastEntitiesloop — replaces standard entities includingnum_dec(/&#([0-9]{1,7});/g) andnum_hex(/&#x([0-9a-fA-F]{1,6});/g). This loop has NO expansion counting at all.
The numeric entity regex replacements at lines 97-98 are part of lastEntities and go through the uncounted loop, completely bypassing the CVE-2026-26278 fix.
Proof of Concept
const { XMLParser } = require('fast-xml-parser');
// Even with strict explicit limits, numeric entities bypass them
const parser = new XMLParser({
processEntities: {
enabled: true,
maxTotalExpansions: 10,
maxExpandedLength: 100,
maxEntityCount: 1,
maxEntitySize: 10
}
});
// 100K numeric entity references — should be blocked by maxTotalExpansions=10
const xml = `<root>${'A'.repeat(100000)}</root>`;
const result = parser.parse(xml);
// Output: 500,000 chars — bypasses maxExpandedLength=100 completely
console.log('Output length:', result.root.length); // 500000
console.log('Expected max:', 100); // limit was 100
Results:
- 100K A references → 500,000 char output (5x default maxExpandedLength of 100,000)
- 1M references → 5,000,000 char output, ~147MB memory consumed
- Even with maxTotalExpansions=10 and maxExpandedLength=100, 10K references produce 50,000 chars
- Hex entities (A) exhibit the same bypass
Impact
Denial of Service — An attacker who can provide XML input to applications using fast-xml-parser can cause: - Excessive memory allocation (147MB+ for 1M entity references) - CPU consumption during regex replacement - Potential process crash via OOM
This is particularly dangerous because the application developer may have explicitly configured strict entity expansion limits believing they are protected, while numeric entities silently bypass all of them.
Suggested Fix
Apply the same entityExpansionCount and currentExpandedLength tracking to the lastEntities loop (lines 674-677) and the HTML entities loop (lines 680-686), similar to how DOCTYPE entities are tracked at lines 638-670.
Workaround
Set htmlEntities:false
Severity ?
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "fast-xml-parser"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.5.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "fast-xml-parser"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0-beta.3"
},
{
"fixed": "4.5.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-33036"
],
"database_specific": {
"cwe_ids": [
"CWE-776"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-17T19:45:41Z",
"nvd_published_at": "2026-03-20T06:16:11Z",
"severity": "HIGH"
},
"details": "## Summary\n\nThe fix for CVE-2026-26278 added entity expansion limits (`maxTotalExpansions`, `maxExpandedLength`, `maxEntityCount`, `maxEntitySize`) to prevent XML entity expansion Denial of Service. However, these limits are only enforced for DOCTYPE-defined entities. **Numeric character references** (`\u0026#NNN;` and `\u0026#xHH;`) and standard XML entities (`\u0026lt;`, `\u0026gt;`, etc.) are processed through a separate code path that does NOT enforce any expansion limits.\n\nAn attacker can use massive numbers of numeric entity references to completely bypass all configured limits, causing excessive memory allocation and CPU consumption.\n\n## Affected Versions\n\nfast-xml-parser v5.x through v5.5.3 (and likely v5.5.5 on npm)\n\n## Root Cause\n\nIn `src/xmlparser/OrderedObjParser.js`, the `replaceEntitiesValue()` function has two separate entity replacement loops:\n\n1. **Lines 638-670**: DOCTYPE entities \u2014 expansion counting with `entityExpansionCount` and `currentExpandedLength` tracking. This was the CVE-2026-26278 fix.\n2. **Lines 674-677**: `lastEntities` loop \u2014 replaces standard entities including `num_dec` (`/\u0026#([0-9]{1,7});/g`) and `num_hex` (`/\u0026#x([0-9a-fA-F]{1,6});/g`). **This loop has NO expansion counting at all.**\n\nThe numeric entity regex replacements at lines 97-98 are part of `lastEntities` and go through the uncounted loop, completely bypassing the CVE-2026-26278 fix.\n\n## Proof of Concept\n\n```javascript\nconst { XMLParser } = require(\u0027fast-xml-parser\u0027);\n\n// Even with strict explicit limits, numeric entities bypass them\nconst parser = new XMLParser({\n processEntities: {\n enabled: true,\n maxTotalExpansions: 10,\n maxExpandedLength: 100,\n maxEntityCount: 1,\n maxEntitySize: 10\n }\n});\n\n// 100K numeric entity references \u2014 should be blocked by maxTotalExpansions=10\nconst xml = `\u003croot\u003e${\u0027\u0026#65;\u0027.repeat(100000)}\u003c/root\u003e`;\nconst result = parser.parse(xml);\n\n// Output: 500,000 chars \u2014 bypasses maxExpandedLength=100 completely\nconsole.log(\u0027Output length:\u0027, result.root.length); // 500000\nconsole.log(\u0027Expected max:\u0027, 100); // limit was 100\n```\n\n**Results:**\n- 100K `\u0026#65;` references \u2192 500,000 char output (5x default maxExpandedLength of 100,000)\n- 1M references \u2192 5,000,000 char output, ~147MB memory consumed\n- Even with `maxTotalExpansions=10` and `maxExpandedLength=100`, 10K references produce 50,000 chars\n- Hex entities (`\u0026#x41;`) exhibit the same bypass\n\n## Impact\n\n**Denial of Service** \u2014 An attacker who can provide XML input to applications using fast-xml-parser can cause:\n- Excessive memory allocation (147MB+ for 1M entity references)\n- CPU consumption during regex replacement\n- Potential process crash via OOM\n\nThis is particularly dangerous because the application developer may have explicitly configured strict entity expansion limits believing they are protected, while numeric entities silently bypass all of them.\n\n## Suggested Fix\n\nApply the same `entityExpansionCount` and `currentExpandedLength` tracking to the `lastEntities` loop (lines 674-677) and the HTML entities loop (lines 680-686), similar to how DOCTYPE entities are tracked at lines 638-670.\n\n## Workaround\n\nSet `htmlEntities:false`",
"id": "GHSA-8gc5-j5rx-235r",
"modified": "2026-03-25T14:31:39Z",
"published": "2026-03-17T19:45:41Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036"
},
{
"type": "WEB",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"
},
{
"type": "PACKAGE",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser"
},
{
"type": "WEB",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v4.5.5"
},
{
"type": "WEB",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)"
}
OPENSUSE-SU-2026:10462-1
Vulnerability from csaf_opensuse - Published: 2026-03-30 00:00 - Updated: 2026-03-30 00:00Summary
heroic-games-launcher-2.20.1-4.1 on GA media
Severity
Moderate
Notes
Title of the patch: heroic-games-launcher-2.20.1-4.1 on GA media
Description of the patch: These are all security issues fixed in the heroic-games-launcher-2.20.1-4.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10462
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "heroic-games-launcher-2.20.1-4.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the heroic-games-launcher-2.20.1-4.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10462",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10462-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33036 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33036/"
}
],
"title": "heroic-games-launcher-2.20.1-4.1 on GA media",
"tracking": {
"current_release_date": "2026-03-30T00:00:00Z",
"generator": {
"date": "2026-03-30T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10462-1",
"initial_release_date": "2026-03-30T00:00:00Z",
"revision_history": [
{
"date": "2026-03-30T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "heroic-games-launcher-2.20.1-4.1.aarch64",
"product": {
"name": "heroic-games-launcher-2.20.1-4.1.aarch64",
"product_id": "heroic-games-launcher-2.20.1-4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "heroic-games-launcher-2.20.1-4.1.ppc64le",
"product": {
"name": "heroic-games-launcher-2.20.1-4.1.ppc64le",
"product_id": "heroic-games-launcher-2.20.1-4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "heroic-games-launcher-2.20.1-4.1.s390x",
"product": {
"name": "heroic-games-launcher-2.20.1-4.1.s390x",
"product_id": "heroic-games-launcher-2.20.1-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "heroic-games-launcher-2.20.1-4.1.x86_64",
"product": {
"name": "heroic-games-launcher-2.20.1-4.1.x86_64",
"product_id": "heroic-games-launcher-2.20.1-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "heroic-games-launcher-2.20.1-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.aarch64"
},
"product_reference": "heroic-games-launcher-2.20.1-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "heroic-games-launcher-2.20.1-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.ppc64le"
},
"product_reference": "heroic-games-launcher-2.20.1-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "heroic-games-launcher-2.20.1-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.s390x"
},
"product_reference": "heroic-games-launcher-2.20.1-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "heroic-games-launcher-2.20.1-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.x86_64"
},
"product_reference": "heroic-games-launcher-2.20.1-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33036"
}
],
"notes": [
{
"category": "general",
"text": "fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Versions 4.0.0-beta.3 through 5.5.5 contain a bypass vulnerability where numeric character references (\u0026#NNN;, \u0026#xHH;) and standard XML entities completely evade the entity expansion limits (e.g., maxTotalExpansions, maxExpandedLength) added to fix CVE-2026-26278, enabling XML entity expansion Denial of Service. The root cause is that replaceEntitiesValue() in OrderedObjParser.js only enforces expansion counting on DOCTYPE-defined entities while the lastEntities loop handling numeric/standard entities performs no counting at all. An attacker supplying 1M numeric entity references like \u0026#65; can force ~147MB of memory allocation and heavy CPU usage, potentially crashing the process-even when developers have configured strict limits. This issue has been fixed in version 5.5.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.aarch64",
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.ppc64le",
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.s390x",
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33036",
"url": "https://www.suse.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "SUSE Bug 1259974 for CVE-2026-33036",
"url": "https://bugzilla.suse.com/1259974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.aarch64",
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.ppc64le",
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.s390x",
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.aarch64",
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.ppc64le",
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.s390x",
"openSUSE Tumbleweed:heroic-games-launcher-2.20.1-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-30T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33036"
}
]
}
RHSA-2026:7128
Vulnerability from csaf_redhat - Published: 2026-04-08 17:43 - Updated: 2026-04-23 02:08Summary
Red Hat Security Advisory: RHACS 4.9.5 security and bug fix update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details: See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A denial of service flaw has been discovered in the fast-xml-parser npm library. In fast-xml-parser, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-range entity code points (e.g., `�` or `�`). This causes the parser to throw an uncaught exception, crashing any application that processes untrusted XML input.
5.3 (Medium)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7128
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in jsPDF. The addImage and html methods accept user input in their first argument without proper sanitization. An attacker can supply a specially crafted GIF file, specifically with invalid width and height header values, forcing the application to allocate an excessive amount of memory, leading to an out-of-memory condition, causing an application crash and denial of service.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7128
Workaround
To mitigate this vulnerability, sanitize image data or validate resources fetched from URLs before calling the addImage or html methods, making sure that the width and height header values do not exceed safe and predefined limits.
A flaw was found in jsPDF. The addJS method accepts user input without proper sanitization, allowing an attacker to inject arbitrary PDF objects into the document. A specially crafted payload that escapes the JavaScript string delimiter can execute malicious actions or alter the document structure, resulting in arbitrary code execution when a user opens a PDF with a viewer that supports embedded scripts.
9.6 (Critical)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7128
Workaround
To mitigate this vulnerability, sanitize the user-provided JavaScript code before passing it to the addJS method by strictly escaping backslashes and parentheses. Additionally, do not open PDF documents from untrusted sources.
A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by providing a specially crafted XML input. The system incorrectly interprets a dot in a DOCTYPE entity name as a regular expression wildcard during processing. This allows the attacker to bypass security measures and inject malicious scripts, resulting in Cross-Site Scripting (XSS) when the parsed output is displayed to users.
7.1 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7128
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in jsPDF. The properties and methods of the Acroform module accept user input without sanitization, allowing an attacker to inject arbitrary PDF objects, such as JavaScript actions. Specifically, if an attacker can supply a specially crafted input to the AcroformChildClass.appearanceState property, JavaScript actions can be executed when a user opens the generated PDF document and hovers over the radio button.
9.6 (Critical)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7128
Workaround
To mitigate this vulnerability, sanitize the user-provided input before passing it to the AcroformChildClass.appearanceState property or other API members. Additionally, do not open PDF documents from untrusted sources.
A denial of service flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by providing a specially crafted, small XML input. This input can force the XML parser to perform an unlimited amount of entity expansion, consuming excessive resources. This can lead to the application freezing for an extended period, resulting in a Denial of Service (DoS).
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7128
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in fast-xml-parser. A user can exploit this flaw by processing specially crafted XML data with the XML builder when the `preserveOrder` option is enabled. This can lead to a stack overflow, causing the application to crash and resulting in a Denial of Service (DoS).
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7128
Workaround
To mitigate this vulnerability, configure applications using the `fast-xml-parser` XML builder to set the `preserveOrder` option to `false`. Alternatively, ensure that all XML input data is thoroughly validated before being passed to the builder to prevent the processing of malicious or malformed content.
A flaw was found in jsPDF, a JavaScript library used for generating PDF documents. This vulnerability allows a remote attacker to inject arbitrary PDF objects, including JavaScript actions, into a generated PDF. This can occur if unsanitized user input is provided to the `createAnnotation` method's `color` parameter. When a user opens or interacts with the specially crafted PDF, these injected actions may execute, potentially leading to arbitrary code execution or sensitive information disclosure.
8.1 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7128
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in jsPDF, a JavaScript library for generating PDFs. A remote attacker can exploit this vulnerability by providing malicious input to the `options` argument of the `output` function. When a victim creates and opens a PDF using this unsanitized input, arbitrary HTML, including scripts, can be injected and executed within the victim's browser context. This Cross-Site Scripting (XSS) vulnerability allows the attacker to extract or modify sensitive information from the victim's browser.
8.1 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7128
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7128
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7128
Workaround
To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7128",
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25128",
"url": "https://access.redhat.com/security/cve/CVE-2026-25128"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25535",
"url": "https://access.redhat.com/security/cve/CVE-2026-25535"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25755",
"url": "https://access.redhat.com/security/cve/CVE-2026-25755"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25896",
"url": "https://access.redhat.com/security/cve/CVE-2026-25896"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25940",
"url": "https://access.redhat.com/security/cve/CVE-2026-25940"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26278",
"url": "https://access.redhat.com/security/cve/CVE-2026-26278"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27942",
"url": "https://access.redhat.com/security/cve/CVE-2026-27942"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-31898",
"url": "https://access.redhat.com/security/cve/CVE-2026-31898"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-31938",
"url": "https://access.redhat.com/security/cve/CVE-2026-31938"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33036",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-495_release-notes-49",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-495_release-notes-49"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7128.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.9.5 security and bug fix update",
"tracking": {
"current_release_date": "2026-04-23T02:08:48+00:00",
"generator": {
"date": "2026-04-23T02:08:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:7128",
"initial_release_date": "2026-04-08T17:43:53+00:00",
"revision_history": [
{
"date": "2026-04-08T17:43:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-08T17:44:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-23T02:08:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774260292"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ae4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ab092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3A9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Aa4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ac435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Abd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774260292"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Aa524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ab6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Aa961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Aa2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774260292"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ad1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Abaee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Adc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774260292"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Af6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Aad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ae26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ad42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594284"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25128",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-01-30T16:01:27.320561+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2435497"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the fast-xml-parser npm library. In fast-xml-parser, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-range entity code points (e.g., `\u0026#9999999;` or `\u0026#xFFFFFF;`). This causes the parser to throw an uncaught exception, crashing any application that processes untrusted XML input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser has RangeError DoS Numeric Entities Bug",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability impact of this flaw is limited to the application which bundles the fast-xml-parser library. Red Hat host systems are not at risk of availability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25128"
},
{
"category": "external",
"summary": "RHBZ#2435497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25128",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25128"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25128",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25128"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/4e387f61c4a5cef792f6a2f42467013290bf95dc",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/4e387f61c4a5cef792f6a2f42467013290bf95dc"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.4",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.4"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-37qj-frw5-hhjh",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-37qj-frw5-hhjh"
}
],
"release_date": "2026-01-30T15:14:58.244000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T17:43:53+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fast-xml-parser: fast-xml-parser has RangeError DoS Numeric Entities Bug"
},
{
"cve": "CVE-2026-25535",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-02-19T15:01:17.455095+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440992"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsPDF. The addImage and html methods accept user input in their first argument without proper sanitization. An attacker can supply a specially crafted GIF file, specifically with invalid width and height header values, forcing the application to allocate an excessive amount of memory, leading to an out-of-memory condition, causing an application crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsPDF: denial of service via malicious GIF dimensions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to process a specially crafted GIF file with an application using the addImage or html methods. This issue can cause the application to allocate an excessive amount of memory, eventually resulting in a denial of service with no other security impact. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25535"
},
{
"category": "external",
"summary": "RHBZ#2440992",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440992"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25535",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25535"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25535",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25535"
},
{
"category": "external",
"summary": "https://github.com/ZeroXJacks/CVEs/blob/main/2026/CVE-2026-25535.md",
"url": "https://github.com/ZeroXJacks/CVEs/blob/main/2026/CVE-2026-25535.md"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/2e5e156e284d92c7d134bce97e6418756941d5e6",
"url": "https://github.com/parallax/jsPDF/commit/2e5e156e284d92c7d134bce97e6418756941d5e6"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-67pg-wm7f-q7fj",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-67pg-wm7f-q7fj"
}
],
"release_date": "2026-02-19T14:34:05.648000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T17:43:53+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, sanitize image data or validate resources fetched from URLs before calling the addImage or html methods, making sure that the width and height header values do not exceed safe and predefined limits.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jsPDF: denial of service via malicious GIF dimensions"
},
{
"cve": "CVE-2026-25755",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-02-19T15:01:21.761677+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440993"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsPDF. The addJS method accepts user input without proper sanitization, allowing an attacker to inject arbitrary PDF objects into the document. A specially crafted payload that escapes the JavaScript string delimiter can execute malicious actions or alter the document structure, resulting in arbitrary code execution when a user opens a PDF with a viewer that supports embedded scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsPDF: PDF object injection via unsanitized input in addJS method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to the application using the addJS method and convince a user to open the generated PDF document with a viewer that supports embedded scripts. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25755"
},
{
"category": "external",
"summary": "RHBZ#2440993",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440993"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25755",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25755"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25755",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25755"
},
{
"category": "external",
"summary": "https://github.com/ZeroXJacks/CVEs/blob/main/2026/CVE-2026-25755.md",
"url": "https://github.com/ZeroXJacks/CVEs/blob/main/2026/CVE-2026-25755.md"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/56b46d45b052346f5995b005a34af5dcdddd5437",
"url": "https://github.com/parallax/jsPDF/commit/56b46d45b052346f5995b005a34af5dcdddd5437"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-9vjf-qc39-jprp",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-9vjf-qc39-jprp"
}
],
"release_date": "2026-02-19T14:41:46.941000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T17:43:53+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, sanitize the user-provided JavaScript code before passing it to the addJS method by strictly escaping backslashes and parentheses. Additionally, do not open PDF documents from untrusted sources.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jsPDF: PDF object injection via unsanitized input in addJS method"
},
{
"cve": "CVE-2026-25896",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-20T22:01:59.622413+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by providing a specially crafted XML input. The system incorrectly interprets a dot in a DOCTYPE entity name as a regular expression wildcard during processing. This allows the attacker to bypass security measures and inject malicious scripts, resulting in Cross-Site Scripting (XSS) when the parsed output is displayed to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Cross-Site Scripting (XSS) due to improper DOCTYPE entity handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been assessed as IMPORTANT for Red Hat products. This vulnerability arises when the parsed XML output is subsequently rendered to users which requires the interaction of the user. The impact of this flaw is also limited to the user\u0027s browser context.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25896"
},
{
"category": "external",
"summary": "RHBZ#2441501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25896",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25896"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25896",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25896"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/943ef0eb1b2d3284e72dd74f44a042ee9f07026e",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/943ef0eb1b2d3284e72dd74f44a042ee9f07026e"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/ddcd0acf26ddd682cb0dc15a2bd6aa3b96bb1e69",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/ddcd0acf26ddd682cb0dc15a2bd6aa3b96bb1e69"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.5",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.5"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-m7jm-9gc2-mpf2",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-m7jm-9gc2-mpf2"
}
],
"release_date": "2026-02-20T20:57:48.074000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T17:43:53+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-xml-parser: fast-xml-parser: Cross-Site Scripting (XSS) due to improper DOCTYPE entity handling"
},
{
"cve": "CVE-2026-25940",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2026-02-19T16:04:06.757217+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsPDF. The properties and methods of the Acroform module accept user input without sanitization, allowing an attacker to inject arbitrary PDF objects, such as JavaScript actions. Specifically, if an attacker can supply a specially crafted input to the AcroformChildClass.appearanceState property, JavaScript actions can be executed when a user opens the generated PDF document and hovers over the radio button.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsPDF: PDF injection in AcroForm module allows arbitrary JavaScript execution (RadioButton children)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted input to the AcroformChildClass.appearanceState property of the Acroform module and convince a user to open the generated PDF document, resulting in arbitrary JavaScript execution when the user interacts with radio buttons. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25940"
},
{
"category": "external",
"summary": "RHBZ#2441016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25940",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25940"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25940",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25940"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/71ad2dbfa6c7c189ab42b855b782620fa8a38375",
"url": "https://github.com/parallax/jsPDF/commit/71ad2dbfa6c7c189ab42b855b782620fa8a38375"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-p5xg-68wr-hm3m",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-p5xg-68wr-hm3m"
}
],
"release_date": "2026-02-19T15:26:57.645000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T17:43:53+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, sanitize the user-provided input before passing it to the AcroformChildClass.appearanceState property or other API members. Additionally, do not open PDF documents from untrusted sources.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jsPDF: PDF injection in AcroForm module allows arbitrary JavaScript execution (RadioButton children)"
},
{
"cve": "CVE-2026-26278",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-02-19T21:03:33.363864+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441120"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by providing a specially crafted, small XML input. This input can force the XML parser to perform an unlimited amount of entity expansion, consuming excessive resources. This can lead to the application freezing for an extended period, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Denial of Service via unlimited XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26278"
},
{
"category": "external",
"summary": "RHBZ#2441120",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441120"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26278",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26278"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26278",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26278"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/910dae5be2de2955e968558fadf6e8f74f117a77",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/910dae5be2de2955e968558fadf6e8f74f117a77"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.6",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.6"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-jmr7-xgp7-cmfj",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-jmr7-xgp7-cmfj"
}
],
"release_date": "2026-02-19T19:40:55.842000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T17:43:53+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-xml-parser: fast-xml-parser: Denial of Service via unlimited XML entity expansion"
},
{
"cve": "CVE-2026-27942",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-02-26T03:01:53.367202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442938"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-xml-parser. A user can exploit this flaw by processing specially crafted XML data with the XML builder when the `preserveOrder` option is enabled. This can lead to a stack overflow, causing the application to crash and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Stack overflow leads to Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw affects the XML builder component of the fast-xml-parser library and is triggered only when the preserveOrder option is explicitly enabled. In Red Hat\u2013shipped configurations, this option is not enabled by default, and the vulnerable code path is therefore not exercised under typical deployments.\nThe underlying issue results in uncontrolled recursion leading to a stack overflow condition, which causes the application to terminate unexpectedly. While this can be triggered via crafted input, the impact is limited strictly to denial of service (DoS) and does not provide a mechanism for arbitrary code execution, privilege escalation, or data disclosure.\nFurthermore, exploitation requires that the affected application processes attacker-controlled XML input through the XML builder functionality with the specific vulnerable configuration enabled. This significantly reduces the attack surface and introduces environmental constraints not considered in the generalized NVD scoring.\n\nGiven the absence of confidentiality and integrity impact, the requirement for non-default configuration, and the limitation of the impact to process termination, Red Hat considers the practical risk to be lower than the NVD assessment. As such, this issue is classified as Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27942"
},
{
"category": "external",
"summary": "RHBZ#2442938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27942",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27942"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27942",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27942"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/c13a961910f14986295dd28484eee830fa1a0e8a",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/c13a961910f14986295dd28484eee830fa1a0e8a"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/pull/791",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/pull/791"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-fj3w-jwp8-x2g3",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-fj3w-jwp8-x2g3"
}
],
"release_date": "2026-02-26T01:22:11.383000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T17:43:53+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, configure applications using the `fast-xml-parser` XML builder to set the `preserveOrder` option to `false`. Alternatively, ensure that all XML input data is thoroughly validated before being passed to the builder to prevent the processing of malicious or malformed content.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fast-xml-parser: fast-xml-parser: Stack overflow leads to Denial of Service"
},
{
"cve": "CVE-2026-31898",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-18T04:02:12.103945+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448547"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsPDF, a JavaScript library used for generating PDF documents. This vulnerability allows a remote attacker to inject arbitrary PDF objects, including JavaScript actions, into a generated PDF. This can occur if unsanitized user input is provided to the `createAnnotation` method\u0027s `color` parameter. When a user opens or interacts with the specially crafted PDF, these injected actions may execute, potentially leading to arbitrary code execution or sensitive information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jspdf: jsPDF: Arbitrary code execution via unsanitized input in createAnnotation method",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31898"
},
{
"category": "external",
"summary": "RHBZ#2448547",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448547"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31898",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31898"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/blob/b1607a9391d4cd65ea7ade25998aea8345ae1be3/src/modules/annotations.js#L193-L208",
"url": "https://github.com/parallax/jsPDF/blob/b1607a9391d4cd65ea7ade25998aea8345ae1be3/src/modules/annotations.js#L193-L208"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/4155c4819d5eca284168e51e0e1e81126b4f14b8",
"url": "https://github.com/parallax/jsPDF/commit/4155c4819d5eca284168e51e0e1e81126b4f14b8"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.2.1",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.2.1"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-7x6v-j9x4-qf24",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-7x6v-j9x4-qf24"
}
],
"release_date": "2026-03-18T03:03:43.469000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T17:43:53+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jspdf: jsPDF: Arbitrary code execution via unsanitized input in createAnnotation method"
},
{
"cve": "CVE-2026-31938",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-03-18T04:02:27.320536+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448550"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsPDF, a JavaScript library for generating PDFs. A remote attacker can exploit this vulnerability by providing malicious input to the `options` argument of the `output` function. When a victim creates and opens a PDF using this unsanitized input, arbitrary HTML, including scripts, can be injected and executed within the victim\u0027s browser context. This Cross-Site Scripting (XSS) vulnerability allows the attacker to extract or modify sensitive information from the victim\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jspdf: jsPDF: Cross site scripting via unsanitized output options",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31938"
},
{
"category": "external",
"summary": "RHBZ#2448550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448550"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31938",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31938"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/87a40bbd07e6b30575196370670b41f264aa78d7",
"url": "https://github.com/parallax/jsPDF/commit/87a40bbd07e6b30575196370670b41f264aa78d7"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.2.1",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.2.1"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-wfv2-pwc8-crg5",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-wfv2-pwc8-crg5"
}
],
"release_date": "2026-03-18T03:05:44.964000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T17:43:53+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jspdf: jsPDF: Cross site scripting via unsanitized output options"
},
{
"cve": "CVE-2026-33036",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-20T06:02:18.306021+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "RHBZ#2449458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33036",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33036"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r"
}
],
"release_date": "2026-03-20T05:17:03.290000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T17:43:53+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T17:43:53+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7128"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0fa1b2d7000300a498354f90854e977b104acd7368b55043954027e083330cc7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:38d7d3976b8dab7c57fa3d836d728d7d8dd4c3708f3ad752f4b7bd8e5e5d9fdb_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6e95dd436f536f5688e495bb0e4e157ab88082b39088a203624886167be59e16_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:970d5dd053921bbe36ba72ea7a44792eeb3d985fd086e54e718a484e21c3238f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0e5f83114a1e501dbcb23de8b8fd2c5b8470feab7cee2304da74c65ecfc37c2c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4e53d49c420aad901e790faff75cb863a5940c75f4ae9222d252cb1184a61032_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5e598218aea7b7113132dbeafd981ba7be652452efde8ca1bcef0ab780bc3f26_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7afa1136b9335128f9edefa4f01138d8f52eb0825a6b1bdc5de1d2af23ad37b4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:433c4926f5a93402642d459c627a1ecf65e101a42bcce4042c36858205b93be9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:96d11ff01950830eac7df626092e231ab3ff78f678fb6ddb3e88bf58dd2bda65_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e4554b911cb8df3f181ae1c3e8d3d69b2feb2985f71de1e782575b4f92165f96_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f6c3977c2d562656928aa1b8477b98174a8d26db903954bdfc766cc8dfc17c7d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:9f24219801a7240ecf7a08ed16f837adf7166b53a3a32ddab932a144a36b7ebf_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:04d163e1994dec3630cdf2f5b7a4d903369b5e36fcb7b2ab8c65300fa410d541_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:27e501a85a6008eca7284c56c248a72adc62e5c8a918f1455bf0f3c22dd6e1d4_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ad7fad31ecb272845bd5e2e2a37598ccc97d5d88d250dc4bc67e7d26973fcd6b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b092ad0814533fec4198ebd3f62a74c45801b0f8c167afb095b0aba7054f50da_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56b6a1298a529b756765c844cd09e6201a7b5caca2cdf8d88a28814628585fa9_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:86a0e2ae3e5ad51ad5157216ce3c88fdaf4d9761c52083d4f1f4f76e0b223d6e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a4d435b3cd591330f60ac1198421ce870aa26f6204145431c0de9af4f7237b2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a524c2fe87dbe91b9972ad219f226ed7ea6e37af18a55e1568ae06a886b77f89_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:399e4a7cd54180ebdfc032f604d32323c4d37ac073a05931ab515970531a6528_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4e4a7bc8db8e40a45974038fb8aa0345f9327d15ae0374d07c9b53e37ffadaab_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9023f51ebcc39adb0d1f7fcce2d7104b1ae00c4b1c69f055c33c07256a8976a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:baee5d07635ef3035b4f64910f5e5ae9d718cdd75e720c4ca0d74b98f4ca6fbf_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2df8ad9a2eca2a463edc913886cfe495cb7d801b224ed8d331954517f4101eb1_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57c63eeb0553e2589ff009ea4282fc604a80a219c5aa9c5249c86c67ceef0e1b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:81b432dd922d7408be4661517abfa3fd203899749c2e18f101c08f090663d5ad_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8815b798e4ae3b11694dda0a577e15b10885185a71375100fd68b4e09b3330fa_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:3114362de56dc97a9e3790d9cf1636bae69e91575eef33b4e6d21212010e2829_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b6e61f71cc64819c7c427a2de93d5e4700deafd5e6045588627c5b5b78942cd5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d1d31953836e40908b82b037f5641d0a67a8e247024592d0eccf35c4ebdce336_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e26e1bc1616b64d275654c7008e84d9228cc7382d17a46f7cfd7a001b3a40af5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d14ae518b1d571ac6fef7120d683b8de2f140f6c183f6f8e89896e954a0f4dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6717ba500df4569760009ba9afcce1b4fc0ad274da2a4640df910d3523f4585d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:67303bf30b677847afc4b0407feed0315efd174360e0d83f51b26432edb2533e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a961c4b590e0628705ef9febfb97d5c6a294188d06db3733f4119b158b0584cb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:981235a1d6f2788bb7c8fd729c0211e937cd2d8f2de1edeb2c492c506df5b790_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:bd121fbb2925ec8b0880de8e867a0407006c1ceceae0703c7c4dafcdf5ae48b3_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d42306d76f1ef70e66bfd0b56b4e267df5f8e616442cb94fe066031dfec832ae_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc37373dbc9e947cd30672ce06f4ce6c356172bd616a281d6532724cdddc5a2b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:145e7b65e3d01210bfa07bb3e286c29e1d9218b38ec78c4e97557cba6ec4c14b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3543c30e948798589f524257534f061ede88462678b9e4946efd54ac37ead3ad_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a2840c33be901c656235847f55ece04b3a0f8cd2c5d303a21ae5241beab2e7db_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c435106c4bc0ab943b8967827aff540f57174f7a0c27df6879db9ec587dfe3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
}
]
}
RHSA-2026:9742
Vulnerability from csaf_redhat - Published: 2026-04-22 14:56 - Updated: 2026-04-23 06:09Summary
Red Hat Security Advisory: Red Hat Developer Hub 1.8.6 release.
Severity
Critical
Notes
Topic: Red Hat Developer Hub 1.8.6 has been released.
Details: Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.
7.0 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
8.2 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.
A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
To mitigate this issue, disable the $data feature if your application does not require it. If $data must be used, implement strict validation of the input fields that are referenced by the pattern keyword to ensure they contain only expected and safe characters.
A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
7.3 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform.
6.5 (Medium)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
To mitigate this issue, restrict network access to the Red Hat Developer Hub instance to trusted users and networks only. This limits the exposure of the vulnerable Orchestrator Plugin to unauthorized access.
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
8.1 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
To mitigate this vulnerability, limit the use of multiple sequential optional groups in route patterns within applications that use `path-to-regexp`. Additionally, avoid directly passing user-controlled input as route patterns to prevent the generation of maliciously crafted regular expressions.
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
6.5 (Medium)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
A flaw was found in Underscore.js, a JavaScript utility library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) attack by providing specially crafted recursive data structures. When these structures are processed by the _.flatten or _.isEqual functions, which lack a depth limit for recursion, a stack overflow occurs. This can make the application unavailable to legitimate users.
5.9 (Medium)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
To mitigate this issue, applications utilizing Underscore.js should ensure that any processing of untrusted, recursively structured data with `_.flatten` or `_.isEqual` explicitly enforces a finite depth limit. Review application code to identify and modify calls to these functions, adding appropriate depth parameters to prevent stack overflow conditions. Additionally, input validation should be implemented to sanitize untrusted data before it is processed by Underscore.js functions.
A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).
6.5 (Medium)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
8.8 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Backstage. The backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution.
9.1 (Critical)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
To mitigate this issue, enable docker isolation by updating the Backstage configuration to use 'runIn: docker' instead of 'runIn: local', confining the arbitrary Python code execution to a containerized environment. Additionally, limit commit access to repositories tracked by Backstage to trusted contributors only, and enforce mandatory pull request (PR) reviews for any modifications made to the mkdocs.yml file.
A denial of service flaw has been discovered in the flatted npm library. flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.
9.8 (Critical)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library's Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.
7.5 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.
7.4 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in basic-ftp, an FTP client for Node.js. A remote attacker can exploit this vulnerability by injecting Carriage Return Line Feed (CRLF) sequences into file path parameters used by high-level APIs. This allows the attacker to split a single intended FTP command into multiple commands. Such command injection can lead to the execution of arbitrary commands, potentially compromising the integrity and availability of data or the system.
8.6 (High)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.
9.0 (Critical)
Vendor Fix
For more about Red Hat Developer Hub, see References links
https://access.redhat.com/errata/RHSA-2026:9742
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Thibault Guittet
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Developer Hub 1.8.6 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:9742",
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69534",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69873",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1525",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1526",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1528",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2229",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26996",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27601",
"url": "https://access.redhat.com/security/cve/CVE-2026-27601"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27904",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29186",
"url": "https://access.redhat.com/security/cve/CVE-2026-29186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-3118",
"url": "https://access.redhat.com/security/cve/CVE-2026-3118"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32141",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33036",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33228",
"url": "https://access.redhat.com/security/cve/CVE-2026-33228"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33891",
"url": "https://access.redhat.com/security/cve/CVE-2026-33891"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33894",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33895",
"url": "https://access.redhat.com/security/cve/CVE-2026-33895"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33896",
"url": "https://access.redhat.com/security/cve/CVE-2026-33896"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39983",
"url": "https://access.redhat.com/security/cve/CVE-2026-39983"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40175",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4800",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4926",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
"url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
},
{
"category": "external",
"summary": "https://developers.redhat.com/rhdh/overview",
"url": "https://developers.redhat.com/rhdh/overview"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
"url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2288",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2288"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2947",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2947"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2972",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2972"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12327",
"url": "https://issues.redhat.com/browse/RHIDP-12327"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12388",
"url": "https://issues.redhat.com/browse/RHIDP-12388"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12419",
"url": "https://issues.redhat.com/browse/RHIDP-12419"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12511",
"url": "https://issues.redhat.com/browse/RHIDP-12511"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12568",
"url": "https://issues.redhat.com/browse/RHIDP-12568"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12647",
"url": "https://issues.redhat.com/browse/RHIDP-12647"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12650",
"url": "https://issues.redhat.com/browse/RHIDP-12650"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12655",
"url": "https://issues.redhat.com/browse/RHIDP-12655"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12666",
"url": "https://issues.redhat.com/browse/RHIDP-12666"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12686",
"url": "https://issues.redhat.com/browse/RHIDP-12686"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12784",
"url": "https://issues.redhat.com/browse/RHIDP-12784"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12880",
"url": "https://issues.redhat.com/browse/RHIDP-12880"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12887",
"url": "https://issues.redhat.com/browse/RHIDP-12887"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12921",
"url": "https://issues.redhat.com/browse/RHIDP-12921"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12930",
"url": "https://issues.redhat.com/browse/RHIDP-12930"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12996",
"url": "https://issues.redhat.com/browse/RHIDP-12996"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13105",
"url": "https://issues.redhat.com/browse/RHIDP-13105"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13107",
"url": "https://issues.redhat.com/browse/RHIDP-13107"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13130",
"url": "https://issues.redhat.com/browse/RHIDP-13130"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13180",
"url": "https://issues.redhat.com/browse/RHIDP-13180"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13182",
"url": "https://issues.redhat.com/browse/RHIDP-13182"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13185",
"url": "https://issues.redhat.com/browse/RHIDP-13185"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9742.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Developer Hub 1.8.6 release.",
"tracking": {
"current_release_date": "2026-04-23T06:09:32+00:00",
"generator": {
"date": "2026-04-23T06:09:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:9742",
"initial_release_date": "2026-04-22T14:56:38+00:00",
"revision_history": [
{
"date": "2026-04-22T14:56:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-22T14:56:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-23T06:09:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Hub 1.8",
"product": {
"name": "Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhdh:1.8::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-hub-rhel9@sha256%3Abb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1776784286"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-rhel9-operator@sha256%3Af09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1776783947"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-operator-bundle@sha256%3Ab40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1776787729"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 as a component of Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 as a component of Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 as a component of Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-62718",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-09T15:01:48.111177+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456913"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "RHBZ#2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
"url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
"url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
"url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10661",
"url": "https://github.com/axios/axios/pull/10661"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
}
],
"release_date": "2026-04-09T14:31:46.067000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
},
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
},
{
"cve": "CVE-2025-69873",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-11T19:01:32.953264+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439070"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ajv: ReDoS via $data reference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, the $data option must be enabled and the attacker needs to be able to send a payload with a specially crafted regular expression to the application processing the input. A 31-character payload causes approximately 44 seconds of execution, with each additional character doubling the execution time. Therefore, even a small payload can cause an application to become unresponsive and eventually result in a denial of service. Due to this reason, this flaw has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "RHBZ#2439070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md",
"url": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md"
}
],
"release_date": "2026-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the $data feature if your application does not require it. If $data must be used, implement strict validation of the input fields that are referenced by the pattern keyword to ensure they contain only expected and safe characters.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ajv: ReDoS via $data reference"
},
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"acknowledgments": [
{
"names": [
"Thibault Guittet"
]
}
],
"cve": "CVE-2026-3118",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2026-02-24T12:08:42.955000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442273"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhdh: GraphQL Injection Leading to Platform-Wide Denial of Service (DoS) in RH Developer Hub Orchestrator Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This MODERATE impact vulnerability in the Orchestrator Plugin of Red Hat Developer Hub (Backstage) allows an authenticated attacker to cause a platform-wide Denial of Service. By injecting specially crafted input into GraphQL API requests, an attacker can disrupt backend query processing, leading to the application crashing and restarting. This issue temporarily prevents legitimate users from accessing the platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-3118"
},
{
"category": "external",
"summary": "RHBZ#2442273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-3118",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3118"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-3118",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3118"
}
],
"release_date": "2026-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, restrict network access to the Red Hat Developer Hub instance to trusted users and networks only. This limits the exposure of the vulnerable Orchestrator Plugin to unauthorized access.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rhdh: GraphQL Injection Leading to Platform-Wide Denial of Service (DoS) in RH Developer Hub Orchestrator Plugin"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-4926",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-03-26T20:03:28.427630+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in `path-to-regexp` that can lead to a Denial of Service. The vulnerability occurs when specially crafted input containing multiple sequential optional groups is used to generate regular expressions, causing exponential resource consumption.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "RHBZ#2451867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4926"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"release_date": "2026-03-26T18:59:38+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, limit the use of multiple sequential optional groups in route patterns within applications that use `path-to-regexp`. Additionally, avoid directly passing user-controlled input as route patterns to prevent the generation of maliciously crafted regular expressions.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27601",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-03-03T23:01:58.011378+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Underscore.js, a JavaScript utility library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) attack by providing specially crafted recursive data structures. When these structures are processed by the _.flatten or _.isEqual functions, which lack a depth limit for recursion, a stack overflow occurs. This can make the application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27601"
},
{
"category": "external",
"summary": "RHBZ#2444247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27601",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4",
"url": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84",
"url": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw",
"url": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw"
}
],
"release_date": "2026-03-03T22:38:38.955000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications utilizing Underscore.js should ensure that any processing of untrusted, recursively structured data with `_.flatten` or `_.isEqual` explicitly enforces a finite depth limit. Review application code to identify and modify calls to these functions, adding appropriate depth parameters to prevent stack overflow conditions. Additionally, input validation should be implemented to sanitize untrusted data before it is processed by Underscore.js functions.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions"
},
{
"cve": "CVE-2026-27904",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-26T02:01:23.004531+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442922"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "RHBZ#2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
}
],
"release_date": "2026-02-26T01:07:42.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions"
},
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-29186",
"cwe": {
"id": "CWE-791",
"name": "Incomplete Filtering of Special Elements"
},
"discovery_date": "2026-03-07T16:01:40.949207+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445480"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Backstage. The backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "backstage/plugin-techdocs-node: TechDocs Mkdocs configuration key enables arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs commit access to a repository that Backstage is configured to track and build in order to introduce a malicious mkdocs.yml file into the TechDocs build pipeline. Additionally, an attacker can execute arbitrary Python code but the payload is confined by the permissions granted to the TechDocs build process which is typically a restricted service account, limiting the impact of this vulnerability. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29186"
},
{
"category": "external",
"summary": "RHBZ#2445480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186"
},
{
"category": "external",
"summary": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw",
"url": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw"
}
],
"release_date": "2026-03-07T15:03:51.422000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, enable docker isolation by updating the Backstage configuration to use \u0027runIn: docker\u0027 instead of \u0027runIn: local\u0027, confining the arbitrary Python code execution to a containerized environment. Additionally, limit commit access to repositories tracked by Backstage to trusted contributors only, and enforce mandatory pull request (PR) reviews for any modifications made to the mkdocs.yml file.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "backstage/plugin-techdocs-node: TechDocs Mkdocs configuration key enables arbitrary code execution"
},
{
"cve": "CVE-2026-32141",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T19:01:30.987208+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447083"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the flatted npm library. flatted\u0027s parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: flatted: Unbounded recursion DoS in parse() revive phase",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "RHBZ#2447083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606",
"url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/pull/88",
"url": "https://github.com/WebReflection/flatted/pull/88"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
}
],
"release_date": "2026-03-12T18:08:09.634000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase"
},
{
"cve": "CVE-2026-33036",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-20T06:02:18.306021+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "RHBZ#2449458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33036",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33036"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r"
}
],
"release_date": "2026-03-20T05:17:03.290000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass"
},
{
"cve": "CVE-2026-33228",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-21T00:01:43.424803+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A Critical vulnerability was discovered in \u0027flatted\u0027, a JavaScript JSON parser. It could enable a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Exploitation involves prototype pollution by providing a specially crafted JSON input. Red Hat products that process un-trusted JSON data and utilize the \u0027flatted\u0027 library are at risk if they do not properly sanitize input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33228"
},
{
"category": "external",
"summary": "RHBZ#2449872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33228",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802",
"url": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2",
"url": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh"
}
],
"release_date": "2026-03-20T23:06:48.485000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON."
},
{
"cve": "CVE-2026-33891",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-03-27T21:01:34.410210+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452450"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33891"
},
{
"category": "external",
"summary": "RHBZ#2452450",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452450"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33891",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33891"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023",
"url": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx"
}
],
"release_date": "2026-03-27T20:43:37.725000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()"
},
{
"cve": "CVE-2026-33894",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-27T21:02:52.462999+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452464"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "RHBZ#2452464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33894",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33894"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
"url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
},
{
"category": "external",
"summary": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
"url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc8017.html",
"url": "https://www.rfc-editor.org/rfc/rfc8017.html"
}
],
"release_date": "2026-03-27T20:45:49.583000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification"
},
{
"cve": "CVE-2026-33895",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-27T21:02:18.484291+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452457"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library\u0027s Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33895"
},
{
"category": "external",
"summary": "RHBZ#2452457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33895",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4",
"url": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85",
"url": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw"
}
],
"release_date": "2026-03-27T20:47:54.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures"
},
{
"cve": "CVE-2026-33896",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-27T21:02:22.762233+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33896"
},
{
"category": "external",
"summary": "RHBZ#2452458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33896",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33896"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90",
"url": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25"
}
],
"release_date": "2026-03-27T20:50:03.418000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance"
},
{
"cve": "CVE-2026-39983",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-04-09T18:02:16.209487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456971"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in basic-ftp, an FTP client for Node.js. A remote attacker can exploit this vulnerability by injecting Carriage Return Line Feed (CRLF) sequences into file path parameters used by high-level APIs. This allows the attacker to split a single intended FTP command into multiple commands. Such command injection can lead to the execution of arbitrary commands, potentially compromising the integrity and availability of data or the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "basic-ftp: basic-ftp: Command injection via CRLF sequences in file path parameters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39983"
},
{
"category": "external",
"summary": "RHBZ#2456971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39983",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39983"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39983",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39983"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b",
"url": "https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/releases/tag/v5.2.1",
"url": "https://github.com/patrickjuchli/basic-ftp/releases/tag/v5.2.1"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q",
"url": "https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q"
}
],
"release_date": "2026-04-09T17:05:46.228000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "basic-ftp: basic-ftp: Command injection via CRLF sequences in file path parameters"
},
{
"cve": "CVE-2026-40175",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-10T20:02:10.296601+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific \"Gadget\" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Remote Code Execution via Prototype Pollution escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Axios library, a promise-based HTTP client, is susceptible to an Important prototype pollution vulnerability. This flaw, when combined with specific \"Gadget\" attack chains in third-party dependencies, can lead to remote code execution or full cloud compromise, including bypassing AWS IMDSv2.\n \nWith pollution check patch available in Axios gives an advantage, it remains vulnerable due to HTTP Header Sanitation and Server-Side Request Forgery threat.\n\nRed Hat products that incorporate the vulnerable Axios library are affected.\n\nThe openshift4/ose-monitoring-plugin-rhel9 container image is not vulnerable to this flaw. The affected component is used as a build-time dependency but it\u0027s not shipped in the final product, meaning the flaw is not present thus cannot be exploited in the container deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "RHBZ#2457432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1",
"url": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10660",
"url": "https://github.com/axios/axios/pull/10660"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx",
"url": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx"
}
],
"release_date": "2026-04-10T19:23:52.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Remote Code Execution via Prototype Pollution escalation"
}
]
}
RHSA-2026:7110
Vulnerability from csaf_redhat - Published: 2026-04-08 16:37 - Updated: 2026-04-23 02:08Summary
Red Hat Security Advisory: RHACS 4.8.10 security and bug fix update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details: See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A denial of service flaw has been discovered in the fast-xml-parser npm library. In fast-xml-parser, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-range entity code points (e.g., `�` or `�`). This causes the parser to throw an uncaught exception, crashing any application that processes untrusted XML input.
5.3 (Medium)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in jsPDF. The addImage and html methods accept user input in their first argument without proper sanitization. An attacker can supply a specially crafted GIF file, specifically with invalid width and height header values, forcing the application to allocate an excessive amount of memory, leading to an out-of-memory condition, causing an application crash and denial of service.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
To mitigate this vulnerability, sanitize image data or validate resources fetched from URLs before calling the addImage or html methods, making sure that the width and height header values do not exceed safe and predefined limits.
A flaw was found in jsPDF. The addJS method accepts user input without proper sanitization, allowing an attacker to inject arbitrary PDF objects into the document. A specially crafted payload that escapes the JavaScript string delimiter can execute malicious actions or alter the document structure, resulting in arbitrary code execution when a user opens a PDF with a viewer that supports embedded scripts.
9.6 (Critical)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
To mitigate this vulnerability, sanitize the user-provided JavaScript code before passing it to the addJS method by strictly escaping backslashes and parentheses. Additionally, do not open PDF documents from untrusted sources.
A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by providing a specially crafted XML input. The system incorrectly interprets a dot in a DOCTYPE entity name as a regular expression wildcard during processing. This allows the attacker to bypass security measures and inject malicious scripts, resulting in Cross-Site Scripting (XSS) when the parsed output is displayed to users.
7.1 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in jsPDF. The properties and methods of the Acroform module accept user input without sanitization, allowing an attacker to inject arbitrary PDF objects, such as JavaScript actions. Specifically, if an attacker can supply a specially crafted input to the AcroformChildClass.appearanceState property, JavaScript actions can be executed when a user opens the generated PDF document and hovers over the radio button.
9.6 (Critical)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
To mitigate this vulnerability, sanitize the user-provided input before passing it to the AcroformChildClass.appearanceState property or other API members. Additionally, do not open PDF documents from untrusted sources.
A denial of service flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by providing a specially crafted, small XML input. This input can force the XML parser to perform an unlimited amount of entity expansion, consuming excessive resources. This can lead to the application freezing for an extended period, resulting in a Denial of Service (DoS).
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in fast-xml-parser. A user can exploit this flaw by processing specially crafted XML data with the XML builder when the `preserveOrder` option is enabled. This can lead to a stack overflow, causing the application to crash and resulting in a Denial of Service (DoS).
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
To mitigate this vulnerability, configure applications using the `fast-xml-parser` XML builder to set the `preserveOrder` option to `false`. Alternatively, ensure that all XML input data is thoroughly validated before being passed to the builder to prevent the processing of malicious or malformed content.
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in jsPDF, a JavaScript library used for generating PDF documents. This vulnerability allows a remote attacker to inject arbitrary PDF objects, including JavaScript actions, into a generated PDF. This can occur if unsanitized user input is provided to the `createAnnotation` method's `color` parameter. When a user opens or interacts with the specially crafted PDF, these injected actions may execute, potentially leading to arbitrary code execution or sensitive information disclosure.
8.1 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in jsPDF, a JavaScript library for generating PDFs. A remote attacker can exploit this vulnerability by providing malicious input to the `options` argument of the `output` function. When a victim creates and opens a PDF using this unsanitized input, arbitrary HTML, including scripts, can be injected and executed within the victim's browser context. This Cross-Site Scripting (XSS) vulnerability allows the attacker to extract or modify sensitive information from the victim's browser.
8.1 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:7110
Workaround
To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7110",
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25128",
"url": "https://access.redhat.com/security/cve/CVE-2026-25128"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25535",
"url": "https://access.redhat.com/security/cve/CVE-2026-25535"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25755",
"url": "https://access.redhat.com/security/cve/CVE-2026-25755"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25896",
"url": "https://access.redhat.com/security/cve/CVE-2026-25896"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25940",
"url": "https://access.redhat.com/security/cve/CVE-2026-25940"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26278",
"url": "https://access.redhat.com/security/cve/CVE-2026-26278"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27942",
"url": "https://access.redhat.com/security/cve/CVE-2026-27942"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-31898",
"url": "https://access.redhat.com/security/cve/CVE-2026-31898"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-31938",
"url": "https://access.redhat.com/security/cve/CVE-2026-31938"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33036",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-4810_release-notes-48",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-4810_release-notes-48"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7110.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.8.10 security and bug fix update",
"tracking": {
"current_release_date": "2026-04-23T02:08:47+00:00",
"generator": {
"date": "2026-04-23T02:08:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:7110",
"initial_release_date": "2026-04-08T16:37:57+00:00",
"revision_history": [
{
"date": "2026-04-08T16:37:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-08T16:38:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-23T02:08:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Ac0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774163438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3A66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ae5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Abe836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Adb5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Abe770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Aaede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774163438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ad9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ac6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Af717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Acb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774163438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ab774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Aeba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774163438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ac7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1774294180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ae9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1775594119"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25128",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-01-30T16:01:27.320561+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2435497"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the fast-xml-parser npm library. In fast-xml-parser, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-range entity code points (e.g., `\u0026#9999999;` or `\u0026#xFFFFFF;`). This causes the parser to throw an uncaught exception, crashing any application that processes untrusted XML input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser has RangeError DoS Numeric Entities Bug",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability impact of this flaw is limited to the application which bundles the fast-xml-parser library. Red Hat host systems are not at risk of availability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25128"
},
{
"category": "external",
"summary": "RHBZ#2435497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25128",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25128"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25128",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25128"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/4e387f61c4a5cef792f6a2f42467013290bf95dc",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/4e387f61c4a5cef792f6a2f42467013290bf95dc"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.4",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.4"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-37qj-frw5-hhjh",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-37qj-frw5-hhjh"
}
],
"release_date": "2026-01-30T15:14:58.244000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fast-xml-parser: fast-xml-parser has RangeError DoS Numeric Entities Bug"
},
{
"cve": "CVE-2026-25535",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-02-19T15:01:17.455095+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440992"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsPDF. The addImage and html methods accept user input in their first argument without proper sanitization. An attacker can supply a specially crafted GIF file, specifically with invalid width and height header values, forcing the application to allocate an excessive amount of memory, leading to an out-of-memory condition, causing an application crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsPDF: denial of service via malicious GIF dimensions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to process a specially crafted GIF file with an application using the addImage or html methods. This issue can cause the application to allocate an excessive amount of memory, eventually resulting in a denial of service with no other security impact. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25535"
},
{
"category": "external",
"summary": "RHBZ#2440992",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440992"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25535",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25535"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25535",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25535"
},
{
"category": "external",
"summary": "https://github.com/ZeroXJacks/CVEs/blob/main/2026/CVE-2026-25535.md",
"url": "https://github.com/ZeroXJacks/CVEs/blob/main/2026/CVE-2026-25535.md"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/2e5e156e284d92c7d134bce97e6418756941d5e6",
"url": "https://github.com/parallax/jsPDF/commit/2e5e156e284d92c7d134bce97e6418756941d5e6"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-67pg-wm7f-q7fj",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-67pg-wm7f-q7fj"
}
],
"release_date": "2026-02-19T14:34:05.648000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, sanitize image data or validate resources fetched from URLs before calling the addImage or html methods, making sure that the width and height header values do not exceed safe and predefined limits.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jsPDF: denial of service via malicious GIF dimensions"
},
{
"cve": "CVE-2026-25755",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-02-19T15:01:21.761677+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440993"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsPDF. The addJS method accepts user input without proper sanitization, allowing an attacker to inject arbitrary PDF objects into the document. A specially crafted payload that escapes the JavaScript string delimiter can execute malicious actions or alter the document structure, resulting in arbitrary code execution when a user opens a PDF with a viewer that supports embedded scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsPDF: PDF object injection via unsanitized input in addJS method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to the application using the addJS method and convince a user to open the generated PDF document with a viewer that supports embedded scripts. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25755"
},
{
"category": "external",
"summary": "RHBZ#2440993",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440993"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25755",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25755"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25755",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25755"
},
{
"category": "external",
"summary": "https://github.com/ZeroXJacks/CVEs/blob/main/2026/CVE-2026-25755.md",
"url": "https://github.com/ZeroXJacks/CVEs/blob/main/2026/CVE-2026-25755.md"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/56b46d45b052346f5995b005a34af5dcdddd5437",
"url": "https://github.com/parallax/jsPDF/commit/56b46d45b052346f5995b005a34af5dcdddd5437"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-9vjf-qc39-jprp",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-9vjf-qc39-jprp"
}
],
"release_date": "2026-02-19T14:41:46.941000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, sanitize the user-provided JavaScript code before passing it to the addJS method by strictly escaping backslashes and parentheses. Additionally, do not open PDF documents from untrusted sources.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jsPDF: PDF object injection via unsanitized input in addJS method"
},
{
"cve": "CVE-2026-25896",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-20T22:01:59.622413+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by providing a specially crafted XML input. The system incorrectly interprets a dot in a DOCTYPE entity name as a regular expression wildcard during processing. This allows the attacker to bypass security measures and inject malicious scripts, resulting in Cross-Site Scripting (XSS) when the parsed output is displayed to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Cross-Site Scripting (XSS) due to improper DOCTYPE entity handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been assessed as IMPORTANT for Red Hat products. This vulnerability arises when the parsed XML output is subsequently rendered to users which requires the interaction of the user. The impact of this flaw is also limited to the user\u0027s browser context.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25896"
},
{
"category": "external",
"summary": "RHBZ#2441501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25896",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25896"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25896",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25896"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/943ef0eb1b2d3284e72dd74f44a042ee9f07026e",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/943ef0eb1b2d3284e72dd74f44a042ee9f07026e"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/ddcd0acf26ddd682cb0dc15a2bd6aa3b96bb1e69",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/ddcd0acf26ddd682cb0dc15a2bd6aa3b96bb1e69"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.5",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.5"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-m7jm-9gc2-mpf2",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-m7jm-9gc2-mpf2"
}
],
"release_date": "2026-02-20T20:57:48.074000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-xml-parser: fast-xml-parser: Cross-Site Scripting (XSS) due to improper DOCTYPE entity handling"
},
{
"cve": "CVE-2026-25940",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2026-02-19T16:04:06.757217+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsPDF. The properties and methods of the Acroform module accept user input without sanitization, allowing an attacker to inject arbitrary PDF objects, such as JavaScript actions. Specifically, if an attacker can supply a specially crafted input to the AcroformChildClass.appearanceState property, JavaScript actions can be executed when a user opens the generated PDF document and hovers over the radio button.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsPDF: PDF injection in AcroForm module allows arbitrary JavaScript execution (RadioButton children)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted input to the AcroformChildClass.appearanceState property of the Acroform module and convince a user to open the generated PDF document, resulting in arbitrary JavaScript execution when the user interacts with radio buttons. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25940"
},
{
"category": "external",
"summary": "RHBZ#2441016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25940",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25940"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25940",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25940"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/71ad2dbfa6c7c189ab42b855b782620fa8a38375",
"url": "https://github.com/parallax/jsPDF/commit/71ad2dbfa6c7c189ab42b855b782620fa8a38375"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-p5xg-68wr-hm3m",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-p5xg-68wr-hm3m"
}
],
"release_date": "2026-02-19T15:26:57.645000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, sanitize the user-provided input before passing it to the AcroformChildClass.appearanceState property or other API members. Additionally, do not open PDF documents from untrusted sources.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jsPDF: PDF injection in AcroForm module allows arbitrary JavaScript execution (RadioButton children)"
},
{
"cve": "CVE-2026-26278",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-02-19T21:03:33.363864+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441120"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by providing a specially crafted, small XML input. This input can force the XML parser to perform an unlimited amount of entity expansion, consuming excessive resources. This can lead to the application freezing for an extended period, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Denial of Service via unlimited XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26278"
},
{
"category": "external",
"summary": "RHBZ#2441120",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441120"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26278",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26278"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26278",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26278"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/910dae5be2de2955e968558fadf6e8f74f117a77",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/910dae5be2de2955e968558fadf6e8f74f117a77"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.6",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.6"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-jmr7-xgp7-cmfj",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-jmr7-xgp7-cmfj"
}
],
"release_date": "2026-02-19T19:40:55.842000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-xml-parser: fast-xml-parser: Denial of Service via unlimited XML entity expansion"
},
{
"cve": "CVE-2026-27942",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-02-26T03:01:53.367202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442938"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-xml-parser. A user can exploit this flaw by processing specially crafted XML data with the XML builder when the `preserveOrder` option is enabled. This can lead to a stack overflow, causing the application to crash and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Stack overflow leads to Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw affects the XML builder component of the fast-xml-parser library and is triggered only when the preserveOrder option is explicitly enabled. In Red Hat\u2013shipped configurations, this option is not enabled by default, and the vulnerable code path is therefore not exercised under typical deployments.\nThe underlying issue results in uncontrolled recursion leading to a stack overflow condition, which causes the application to terminate unexpectedly. While this can be triggered via crafted input, the impact is limited strictly to denial of service (DoS) and does not provide a mechanism for arbitrary code execution, privilege escalation, or data disclosure.\nFurthermore, exploitation requires that the affected application processes attacker-controlled XML input through the XML builder functionality with the specific vulnerable configuration enabled. This significantly reduces the attack surface and introduces environmental constraints not considered in the generalized NVD scoring.\n\nGiven the absence of confidentiality and integrity impact, the requirement for non-default configuration, and the limitation of the impact to process termination, Red Hat considers the practical risk to be lower than the NVD assessment. As such, this issue is classified as Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27942"
},
{
"category": "external",
"summary": "RHBZ#2442938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27942",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27942"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27942",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27942"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/c13a961910f14986295dd28484eee830fa1a0e8a",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/c13a961910f14986295dd28484eee830fa1a0e8a"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/pull/791",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/pull/791"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-fj3w-jwp8-x2g3",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-fj3w-jwp8-x2g3"
}
],
"release_date": "2026-02-26T01:22:11.383000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, configure applications using the `fast-xml-parser` XML builder to set the `preserveOrder` option to `false`. Alternatively, ensure that all XML input data is thoroughly validated before being passed to the builder to prevent the processing of malicious or malformed content.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fast-xml-parser: fast-xml-parser: Stack overflow leads to Denial of Service"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-31898",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-18T04:02:12.103945+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448547"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsPDF, a JavaScript library used for generating PDF documents. This vulnerability allows a remote attacker to inject arbitrary PDF objects, including JavaScript actions, into a generated PDF. This can occur if unsanitized user input is provided to the `createAnnotation` method\u0027s `color` parameter. When a user opens or interacts with the specially crafted PDF, these injected actions may execute, potentially leading to arbitrary code execution or sensitive information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jspdf: jsPDF: Arbitrary code execution via unsanitized input in createAnnotation method",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31898"
},
{
"category": "external",
"summary": "RHBZ#2448547",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448547"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31898",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31898"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/blob/b1607a9391d4cd65ea7ade25998aea8345ae1be3/src/modules/annotations.js#L193-L208",
"url": "https://github.com/parallax/jsPDF/blob/b1607a9391d4cd65ea7ade25998aea8345ae1be3/src/modules/annotations.js#L193-L208"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/4155c4819d5eca284168e51e0e1e81126b4f14b8",
"url": "https://github.com/parallax/jsPDF/commit/4155c4819d5eca284168e51e0e1e81126b4f14b8"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.2.1",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.2.1"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-7x6v-j9x4-qf24",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-7x6v-j9x4-qf24"
}
],
"release_date": "2026-03-18T03:03:43.469000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jspdf: jsPDF: Arbitrary code execution via unsanitized input in createAnnotation method"
},
{
"cve": "CVE-2026-31938",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-03-18T04:02:27.320536+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448550"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsPDF, a JavaScript library for generating PDFs. A remote attacker can exploit this vulnerability by providing malicious input to the `options` argument of the `output` function. When a victim creates and opens a PDF using this unsanitized input, arbitrary HTML, including scripts, can be injected and executed within the victim\u0027s browser context. This Cross-Site Scripting (XSS) vulnerability allows the attacker to extract or modify sensitive information from the victim\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jspdf: jsPDF: Cross site scripting via unsanitized output options",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31938"
},
{
"category": "external",
"summary": "RHBZ#2448550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448550"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31938",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31938"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/87a40bbd07e6b30575196370670b41f264aa78d7",
"url": "https://github.com/parallax/jsPDF/commit/87a40bbd07e6b30575196370670b41f264aa78d7"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.2.1",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.2.1"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-wfv2-pwc8-crg5",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-wfv2-pwc8-crg5"
}
],
"release_date": "2026-03-18T03:05:44.964000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jspdf: jsPDF: Cross site scripting via unsanitized output options"
},
{
"cve": "CVE-2026-33036",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-20T06:02:18.306021+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "RHBZ#2449458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33036",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33036"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r"
}
],
"release_date": "2026-03-20T05:17:03.290000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T16:37:57+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7110"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:72a20b53279a3a8830af7f7d6812a61425b9a837a83f97f3f54b7050916c3fa3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d5b1983394113e7a4cf8029bb50f2530e858910b7020466b8e6a4933b6dae1a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:9371852170e6c5b3ddbaaf9ed6700117bac6d791c987814fde375f3301996876_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cb58f46536545fbc77c9bfc029d772ffa9c09d59db69efbc33e339e8ad294be5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0c9d3da8882bca445233259f751594ac7fb884b58b22980bd312b97589af064a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:16ba303094b01480fe620c48fd42df6603979fe17b2b70a1686ea0c0cee7eea7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:aede8db305e402acdf3a6cdac67d0bcc54902955f2a54fadf6b13e1e69c6462a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:c0081d8795d5bb8a32b36fcb892a6864dd62392dc6ef32fc2b9a20449e120743_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5533b87f5a3c9df67608236393d31507dd2b1f0af0ca787997f9dfed44222d9d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8a3f82a33e522ce518e52411d48475cb47bea153176b833eace73fc24a5b7672_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c7d8d836b92a80d6d02a8ea73a69d773b0983d9bae4f217b8f4adb39a0e00d86_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:d9d95fe1014cf1632681171d34f760a1d7ffe81c81df1fb9942c1a08f4ffb857_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:66a5990c109ebfefd445dea871123c2af717cd482b78db4b8aabd7a3eeb61e38_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4f00761fa67936c65ae05c98d28886873321679ed3d0a8741526332e57b2455e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:5abaa5a39ec732af6d795a087e91ef68483c9897c33cfe1a9de9035484348dec_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:81587f2e1630a5bcdea8c6b4ba1459a3e00e070bd4cb8eac80a923aac18dd4ba_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c6907a16bc9d855c22a72d3f801ecbc0b0a014468711589c3a2a48afd5b4681c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07d8cbd4310eda65e515533621df271cc8ac1818b1b275b50b961cbcc591bf76_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2b894cfaf6b322e5404e8f6926e6f4b6bc230857b8d7918d78e1e0025c52d2e7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4dae0bdb7b8acbef7a2d1eca02b9d1084de550024669d87639bfddfae8a89fba_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e6efacfc68bf8bdcf7148ce051c79091ef69a485d119e3c098063fa1f4f8470_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2c2762b767c9512634c69fa3ec231f749a61569684d5abcce965d89ea23dcf85_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4296c95011ba9beaca9f2de8a4287e7b0f859d88bb1025886048c1da85858a3f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be836e869ab59f6b479706659afec22ff7739660f6f410ab7dca73c0108fe3f8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f717ea17f778b7422f8f9800cbe0af01466beb363472b3cac500baffae4f899b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3e106a6f9ce4cd8dd5e82e21402e6ad0583188c299c7fc246c57c2485b90ad06_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4a94f65f4fdf3d27ec688042749b6d09d8e435cb1e6d3800a998cf05596ed1a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62b563c730d30a8f349dafe29cdd949ec2d59cd005e978b5837dd100e2366ee8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b774310e45bc427b4cfd9b46ab513fa2d93e0c8867515bced6722b4d4e0c721b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:16768c8b79f218f568fd2a231baa9d84054285b636f013c6bff0dcbce4e515dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5a174f879c2fbaff025d1bb61786fb8a07576091d463316ccdefb58dbba8acbf_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9b0849d6dec032cd4d4a0e6de209eb5577fb6a4099934c9ab0f52612dcc5a299_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5a6aa40bbe231feaf2b0399aa8a450a36ecf82ff76e28924782a55d9cecab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2444a5681db82400db7d054f630341ce20629ba50d7bd5ce259bf7e3dd9d4098_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3540f7466018222deb2064c2ba598e09adb670c67a21c4e17d078ab82fbad1c9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:db5c88056eaf21217e6fba697f146e7a6870ad890ad2b996f0be16d16f41966a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:eba5b1b3adb15c83d9d160c2b1bb9e84ab6bfbcfed837e5578bfe50b0d28aa1b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e817ba704f3349178cd3094b929cb468763a77f234a0dc7d986dfe67e741ee7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2187aaf918f785ad43d00667905d7f9bbe3edc68a34d9965a45d8e80ce74d88e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:714fca639c806e479107dbb96ef178ca3d304737209b9c060bf978674f40bc47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:be770376f11072bc472c904645063e61ff571088185669ba2514e56eeb75e8aa_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:579133a11226d177bf8b72ebd81285c842671e41e50c49a482bc80412eb703e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6aa8e51a41b8a1d45962b0d250a8c99f4d0065a16d6e727ab58f54dbd2f23c34_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:95f9db01662bba089d7ccd418a52dde2aca7052ff3f1231c4012c0764d261fd7_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e9299cf7be4bdc5c5f5d32cce1e4da3f44ad04adfd8ea92d56ebb3ec29dcc5a0_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
}
]
}
FKIE_CVE-2026-33036
Vulnerability from fkie_nvd - Published: 2026-03-20 06:16 - Updated: 2026-03-23 16:28
Severity ?
Summary
fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Versions 4.0.0-beta.3 through 5.5.5 contain a bypass vulnerability where numeric character references (&#NNN;, &#xHH;) and standard XML entities completely evade the entity expansion limits (e.g., maxTotalExpansions, maxExpandedLength) added to fix CVE-2026-26278, enabling XML entity expansion Denial of Service. The root cause is that replaceEntitiesValue() in OrderedObjParser.js only enforces expansion counting on DOCTYPE-defined entities while the lastEntities loop handling numeric/standard entities performs no counting at all. An attacker supplying 1M numeric entity references like A can force ~147MB of memory allocation and heavy CPU usage, potentially crashing the process—even when developers have configured strict limits. This issue has been fixed in version 5.5.6.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01 | Patch | |
| security-advisories@github.com | https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6 | Product, Release Notes | |
| security-advisories@github.com | https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r | Exploit, Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| naturalintelligence | fast-xml-parser | * | |
| naturalintelligence | fast-xml-parser | 4.0.0 | |
| naturalintelligence | fast-xml-parser | 4.0.0 | |
| naturalintelligence | fast-xml-parser | 4.0.0 | |
| naturalintelligence | fast-xml-parser | 4.0.0 | |
| naturalintelligence | fast-xml-parser | 4.0.0 | |
| naturalintelligence | fast-xml-parser | 4.0.0 | |
| naturalintelligence | fast-xml-parser | 4.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:naturalintelligence:fast-xml-parser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9177BC-BACD-4367-9063-398ACE2AB4A7",
"versionEndExcluding": "5.5.6",
"versionStartIncluding": "4.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "2398B145-2ED8-4197-8838-FAE7AD7666E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "44B6C4BE-69F4-4651-80EE-055D1F99F7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "4B32E8C4-15A7-466D-98A7-9EDD6B45F883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "23CDA792-75FA-48A7-8577-4266A0BFB3A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "D4B7FD7D-0059-4D5B-898D-539AB43AA24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "42844DDE-AD5B-4684-8104-1C2D133C6098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:naturalintelligence:fast-xml-parser:4.0.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "C045B7F2-16A9-47C9-B08D-71847A940B93",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Versions 4.0.0-beta.3 through 5.5.5 contain a bypass vulnerability where numeric character references (\u0026#NNN;, \u0026#xHH;) and standard XML entities completely evade the entity expansion limits (e.g., maxTotalExpansions, maxExpandedLength) added to fix CVE-2026-26278, enabling XML entity expansion Denial of Service. The root cause is that replaceEntitiesValue() in OrderedObjParser.js only enforces expansion counting on DOCTYPE-defined entities while the lastEntities loop handling numeric/standard entities performs no counting at all. An attacker supplying 1M numeric entity references like \u0026#65; can force ~147MB of memory allocation and heavy CPU usage, potentially crashing the process\u2014even when developers have configured strict limits. This issue has been fixed in version 5.5.6."
},
{
"lang": "es",
"value": "fast-xml-parser permite a los usuarios procesar XML desde objetos JS sin bibliotecas basadas en C/C++ ni callbacks. Las versiones 4.0.0-beta.3 hasta la 5.5.5 contienen una vulnerabilidad de bypass donde las referencias de caracteres num\u00e9ricos (\u0026amp;#NNN;, \u0026amp;#xHH;) y las entidades XML est\u00e1ndar evaden completamente los l\u00edmites de expansi\u00f3n de entidades (p. ej., maxTotalExpansions, maxExpandedLength) a\u00f1adidos para corregir CVE-2026-26278, lo que permite la denegaci\u00f3n de servicio por expansi\u00f3n de entidades XML. La causa ra\u00edz es que replaceEntitiesValue() en OrderedObjParser.js solo aplica el conteo de expansi\u00f3n en entidades definidas en DOCTYPE, mientras que el bucle lastEntities que maneja las entidades num\u00e9ricas/est\u00e1ndar no realiza ning\u00fan conteo. Un atacante que suministre 1M de referencias de entidades num\u00e9ricas como A puede forzar una asignaci\u00f3n de memoria de ~147MB y un uso intensivo de CPU, lo que podr\u00eda bloquear el proceso, incluso cuando los desarrolladores han configurado l\u00edmites estrictos. Este problema ha sido corregido en la versi\u00f3n 5.5.6."
}
],
"id": "CVE-2026-33036",
"lastModified": "2026-03-23T16:28:10.930",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2026-03-20T06:16:11.630",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product",
"Release Notes"
],
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-776"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
cleanstart-2026-gs57401
Vulnerability from cleanstart
Published
2026-04-01 09:43
Modified
2026-03-19 07:48
Summary
Security fixes for CVE-2025-69873, CVE-2026-1525, CVE-2026-1526, CVE-2026-1527, CVE-2026-1528, CVE-2026-2229, CVE-2026-2327, CVE-2026-2391, CVE-2026-25128, CVE-2026-25547, CVE-2026-2581, CVE-2026-25896, CVE-2026-26278, CVE-2026-26960, CVE-2026-27601, CVE-2026-27903, CVE-2026-27904, CVE-2026-27942, CVE-2026-28292, CVE-2026-29786, CVE-2026-31802, CVE-2026-32141, CVE-2026-33036, ghsa-23c5-xmqv-rm74, ghsa-25h7-pfq9-p65f, ghsa-2g4f-4pwh-qvx6, ghsa-2mjp-6q6p-2qxm, ghsa-37qj-frw5-hhjh, ghsa-38c4-r59v-3vqw, ghsa-3ppc-4f35-3m26, ghsa-4992-7rv2-5pvq, ghsa-7h2j-956f-4vf2, ghsa-7r86-cg39-jmmj, ghsa-83g3-92jg-28cx, ghsa-8gc5-j5rx-235r, ghsa-8wc6-vgrq-x6cf, ghsa-9ppj-qmqm-q256, ghsa-f269-vfmq-vjvj, ghsa-fj3w-jwp8-x2g3, ghsa-jmr7-xgp7-cmfj, ghsa-m7jm-9gc2-mpf2, ghsa-phc3-fgpg-7m6h, ghsa-qffp-2rhf-9h96, ghsa-qpx9-hpmf-5gmw, ghsa-r275-fr43-pm7q, ghsa-v9p9-hfj2-hcw8, ghsa-vrm6-8vpv-qv8q, ghsa-w7fw-mjwx-w883 applied in versions: 43.4.3-r1
Details
Multiple security vulnerabilities affect the renovate package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "renovate"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "43.4.3-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the renovate package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GS57401",
"modified": "2026-03-19T07:48:38Z",
"published": "2026-04-01T09:43:24.793409Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GS57401.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69873"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1525"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1526"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1527"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1528"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-2229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-2327"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-2391"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25128"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25547"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-2581"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25896"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26278"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26960"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27601"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27903"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27904"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27942"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-28292"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-29786"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-31802"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33036"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-23c5-xmqv-rm74"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-25h7-pfq9-p65f"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2g4f-4pwh-qvx6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2mjp-6q6p-2qxm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-37qj-frw5-hhjh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-38c4-r59v-3vqw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3ppc-4f35-3m26"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4992-7rv2-5pvq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7h2j-956f-4vf2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7r86-cg39-jmmj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-83g3-92jg-28cx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8gc5-j5rx-235r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8wc6-vgrq-x6cf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9ppj-qmqm-q256"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f269-vfmq-vjvj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fj3w-jwp8-x2g3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jmr7-xgp7-cmfj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m7jm-9gc2-mpf2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-phc3-fgpg-7m6h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qffp-2rhf-9h96"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qpx9-hpmf-5gmw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r275-fr43-pm7q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v9p9-hfj2-hcw8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vrm6-8vpv-qv8q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w7fw-mjwx-w883"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1527"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2327"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2391"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25128"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2581"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25896"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26278"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26960"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27903"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27942"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28292"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29786"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31802"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-69873, CVE-2026-1525, CVE-2026-1526, CVE-2026-1527, CVE-2026-1528, CVE-2026-2229, CVE-2026-2327, CVE-2026-2391, CVE-2026-25128, CVE-2026-25547, CVE-2026-2581, CVE-2026-25896, CVE-2026-26278, CVE-2026-26960, CVE-2026-27601, CVE-2026-27903, CVE-2026-27904, CVE-2026-27942, CVE-2026-28292, CVE-2026-29786, CVE-2026-31802, CVE-2026-32141, CVE-2026-33036, ghsa-23c5-xmqv-rm74, ghsa-25h7-pfq9-p65f, ghsa-2g4f-4pwh-qvx6, ghsa-2mjp-6q6p-2qxm, ghsa-37qj-frw5-hhjh, ghsa-38c4-r59v-3vqw, ghsa-3ppc-4f35-3m26, ghsa-4992-7rv2-5pvq, ghsa-7h2j-956f-4vf2, ghsa-7r86-cg39-jmmj, ghsa-83g3-92jg-28cx, ghsa-8gc5-j5rx-235r, ghsa-8wc6-vgrq-x6cf, ghsa-9ppj-qmqm-q256, ghsa-f269-vfmq-vjvj, ghsa-fj3w-jwp8-x2g3, ghsa-jmr7-xgp7-cmfj, ghsa-m7jm-9gc2-mpf2, ghsa-phc3-fgpg-7m6h, ghsa-qffp-2rhf-9h96, ghsa-qpx9-hpmf-5gmw, ghsa-r275-fr43-pm7q, ghsa-v9p9-hfj2-hcw8, ghsa-vrm6-8vpv-qv8q, ghsa-w7fw-mjwx-w883 applied in versions: 43.4.3-r1",
"upstream": [
"CVE-2025-69873",
"CVE-2026-1525",
"CVE-2026-1526",
"CVE-2026-1527",
"CVE-2026-1528",
"CVE-2026-2229",
"CVE-2026-2327",
"CVE-2026-2391",
"CVE-2026-25128",
"CVE-2026-25547",
"CVE-2026-2581",
"CVE-2026-25896",
"CVE-2026-26278",
"CVE-2026-26960",
"CVE-2026-27601",
"CVE-2026-27903",
"CVE-2026-27904",
"CVE-2026-27942",
"CVE-2026-28292",
"CVE-2026-29786",
"CVE-2026-31802",
"CVE-2026-32141",
"CVE-2026-33036",
"ghsa-23c5-xmqv-rm74",
"ghsa-25h7-pfq9-p65f",
"ghsa-2g4f-4pwh-qvx6",
"ghsa-2mjp-6q6p-2qxm",
"ghsa-37qj-frw5-hhjh",
"ghsa-38c4-r59v-3vqw",
"ghsa-3ppc-4f35-3m26",
"ghsa-4992-7rv2-5pvq",
"ghsa-7h2j-956f-4vf2",
"ghsa-7r86-cg39-jmmj",
"ghsa-83g3-92jg-28cx",
"ghsa-8gc5-j5rx-235r",
"ghsa-8wc6-vgrq-x6cf",
"ghsa-9ppj-qmqm-q256",
"ghsa-f269-vfmq-vjvj",
"ghsa-fj3w-jwp8-x2g3",
"ghsa-jmr7-xgp7-cmfj",
"ghsa-m7jm-9gc2-mpf2",
"ghsa-phc3-fgpg-7m6h",
"ghsa-qffp-2rhf-9h96",
"ghsa-qpx9-hpmf-5gmw",
"ghsa-r275-fr43-pm7q",
"ghsa-v9p9-hfj2-hcw8",
"ghsa-vrm6-8vpv-qv8q",
"ghsa-w7fw-mjwx-w883"
]
}
cleanstart-2026-dv49099
Vulnerability from cleanstart
Published
2026-04-01 09:31
Modified
2026-03-23 10:49
Summary
Security fixes for CVE-2025-64756, CVE-2025-69873, CVE-2026-1525, CVE-2026-1526, CVE-2026-1527, CVE-2026-1528, CVE-2026-2229, CVE-2026-2327, CVE-2026-23745, CVE-2026-2391, CVE-2026-24842, CVE-2026-25128, CVE-2026-25547, CVE-2026-2581, CVE-2026-25896, CVE-2026-26278, CVE-2026-26960, CVE-2026-27601, CVE-2026-27903, CVE-2026-27904, CVE-2026-27942, CVE-2026-28292, CVE-2026-29786, CVE-2026-31802, CVE-2026-32141, CVE-2026-33036, ghsa-23c5-xmqv-rm74, ghsa-25h7-pfq9-p65f, ghsa-2g4f-4pwh-qvx6, ghsa-2mjp-6q6p-2qxm, ghsa-34x7-hfp2-rc4v, ghsa-37qj-frw5-hhjh, ghsa-38c4-r59v-3vqw, ghsa-3ppc-4f35-3m26, ghsa-4992-7rv2-5pvq, ghsa-5j98-mcp5-4vw2, ghsa-73rr-hh4g-fpgx, ghsa-7h2j-956f-4vf2, ghsa-7r86-cg39-jmmj, ghsa-83g3-92jg-28cx, ghsa-8gc5-j5rx-235r, ghsa-8qq5-rm4j-mr97, ghsa-8wc6-vgrq-x6cf, ghsa-9ppj-qmqm-q256, ghsa-f269-vfmq-vjvj, ghsa-fj3w-jwp8-x2g3, ghsa-jmr7-xgp7-cmfj, ghsa-m7jm-9gc2-mpf2, ghsa-phc3-fgpg-7m6h, ghsa-qffp-2rhf-9h96, ghsa-qpx9-hpmf-5gmw, ghsa-r275-fr43-pm7q, ghsa-r6q2-hw4h-h46w, ghsa-v9p9-hfj2-hcw8, ghsa-vrm6-8vpv-qv8q, ghsa-w7fw-mjwx-w883 applied in versions: 43.4.4-r0
Details
Multiple security vulnerabilities affect the renovate package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "renovate"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "43.4.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the renovate package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DV49099",
"modified": "2026-03-23T10:49:42Z",
"published": "2026-04-01T09:31:16.419730Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DV49099.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-64756"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69873"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1525"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1526"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1527"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1528"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-2229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-2327"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-23745"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-2391"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24842"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25128"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25547"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-2581"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25896"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26278"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26960"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27601"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27903"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27904"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27942"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-28292"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-29786"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-31802"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33036"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-23c5-xmqv-rm74"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-25h7-pfq9-p65f"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2g4f-4pwh-qvx6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2mjp-6q6p-2qxm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-34x7-hfp2-rc4v"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-37qj-frw5-hhjh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-38c4-r59v-3vqw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3ppc-4f35-3m26"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4992-7rv2-5pvq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5j98-mcp5-4vw2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-73rr-hh4g-fpgx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7h2j-956f-4vf2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7r86-cg39-jmmj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-83g3-92jg-28cx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8gc5-j5rx-235r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8qq5-rm4j-mr97"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8wc6-vgrq-x6cf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9ppj-qmqm-q256"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f269-vfmq-vjvj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fj3w-jwp8-x2g3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jmr7-xgp7-cmfj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m7jm-9gc2-mpf2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-phc3-fgpg-7m6h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qffp-2rhf-9h96"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qpx9-hpmf-5gmw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r275-fr43-pm7q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r6q2-hw4h-h46w"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v9p9-hfj2-hcw8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vrm6-8vpv-qv8q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w7fw-mjwx-w883"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1527"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2327"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23745"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2391"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24842"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25128"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2581"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25896"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26278"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26960"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27903"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27942"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28292"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29786"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31802"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-64756, CVE-2025-69873, CVE-2026-1525, CVE-2026-1526, CVE-2026-1527, CVE-2026-1528, CVE-2026-2229, CVE-2026-2327, CVE-2026-23745, CVE-2026-2391, CVE-2026-24842, CVE-2026-25128, CVE-2026-25547, CVE-2026-2581, CVE-2026-25896, CVE-2026-26278, CVE-2026-26960, CVE-2026-27601, CVE-2026-27903, CVE-2026-27904, CVE-2026-27942, CVE-2026-28292, CVE-2026-29786, CVE-2026-31802, CVE-2026-32141, CVE-2026-33036, ghsa-23c5-xmqv-rm74, ghsa-25h7-pfq9-p65f, ghsa-2g4f-4pwh-qvx6, ghsa-2mjp-6q6p-2qxm, ghsa-34x7-hfp2-rc4v, ghsa-37qj-frw5-hhjh, ghsa-38c4-r59v-3vqw, ghsa-3ppc-4f35-3m26, ghsa-4992-7rv2-5pvq, ghsa-5j98-mcp5-4vw2, ghsa-73rr-hh4g-fpgx, ghsa-7h2j-956f-4vf2, ghsa-7r86-cg39-jmmj, ghsa-83g3-92jg-28cx, ghsa-8gc5-j5rx-235r, ghsa-8qq5-rm4j-mr97, ghsa-8wc6-vgrq-x6cf, ghsa-9ppj-qmqm-q256, ghsa-f269-vfmq-vjvj, ghsa-fj3w-jwp8-x2g3, ghsa-jmr7-xgp7-cmfj, ghsa-m7jm-9gc2-mpf2, ghsa-phc3-fgpg-7m6h, ghsa-qffp-2rhf-9h96, ghsa-qpx9-hpmf-5gmw, ghsa-r275-fr43-pm7q, ghsa-r6q2-hw4h-h46w, ghsa-v9p9-hfj2-hcw8, ghsa-vrm6-8vpv-qv8q, ghsa-w7fw-mjwx-w883 applied in versions: 43.4.4-r0",
"upstream": [
"CVE-2025-64756",
"CVE-2025-69873",
"CVE-2026-1525",
"CVE-2026-1526",
"CVE-2026-1527",
"CVE-2026-1528",
"CVE-2026-2229",
"CVE-2026-2327",
"CVE-2026-23745",
"CVE-2026-2391",
"CVE-2026-24842",
"CVE-2026-25128",
"CVE-2026-25547",
"CVE-2026-2581",
"CVE-2026-25896",
"CVE-2026-26278",
"CVE-2026-26960",
"CVE-2026-27601",
"CVE-2026-27903",
"CVE-2026-27904",
"CVE-2026-27942",
"CVE-2026-28292",
"CVE-2026-29786",
"CVE-2026-31802",
"CVE-2026-32141",
"CVE-2026-33036",
"ghsa-23c5-xmqv-rm74",
"ghsa-25h7-pfq9-p65f",
"ghsa-2g4f-4pwh-qvx6",
"ghsa-2mjp-6q6p-2qxm",
"ghsa-34x7-hfp2-rc4v",
"ghsa-37qj-frw5-hhjh",
"ghsa-38c4-r59v-3vqw",
"ghsa-3ppc-4f35-3m26",
"ghsa-4992-7rv2-5pvq",
"ghsa-5j98-mcp5-4vw2",
"ghsa-73rr-hh4g-fpgx",
"ghsa-7h2j-956f-4vf2",
"ghsa-7r86-cg39-jmmj",
"ghsa-83g3-92jg-28cx",
"ghsa-8gc5-j5rx-235r",
"ghsa-8qq5-rm4j-mr97",
"ghsa-8wc6-vgrq-x6cf",
"ghsa-9ppj-qmqm-q256",
"ghsa-f269-vfmq-vjvj",
"ghsa-fj3w-jwp8-x2g3",
"ghsa-jmr7-xgp7-cmfj",
"ghsa-m7jm-9gc2-mpf2",
"ghsa-phc3-fgpg-7m6h",
"ghsa-qffp-2rhf-9h96",
"ghsa-qpx9-hpmf-5gmw",
"ghsa-r275-fr43-pm7q",
"ghsa-r6q2-hw4h-h46w",
"ghsa-v9p9-hfj2-hcw8",
"ghsa-vrm6-8vpv-qv8q",
"ghsa-w7fw-mjwx-w883"
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…