Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-44496 (GCVE-0-2026-44496)
Vulnerability from cvelistv5 – Published: 2026-06-11 15:34 – Updated: 2026-07-02 12:04{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44496",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T17:21:54.440483Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T17:22:09.558Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:acm:2.13::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1.9::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub 1.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.21::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.21",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2.6::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.12::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.12",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "affected",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:migration_toolkit_applications:8"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Applications 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhmt:1"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:network_observ_optr:1"
],
"defaultStatus": "affected",
"product": "Network Observability Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_broker:7"
],
"defaultStatus": "affected",
"product": "Red Hat AMQ Broker 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel - HawtIO 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apicurio_registry:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apicurio Registry 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:podman_desktop:0"
],
"defaultStatus": "affected",
"product": "Red Hat Build of Podman Desktop - Tech Preview",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_data_grid:8"
],
"defaultStatus": "affected",
"product": "Red Hat Data Grid 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "affected",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_profile_analyzer:2"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Profile Analyzer",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_portal:2"
],
"defaultStatus": "affected",
"product": "Self-service automation portal 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:gatekeeper:3"
],
"defaultStatus": "unaffected",
"product": "Gatekeeper 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "unaffected",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:camel_spring_boot:4"
],
"defaultStatus": "unaffected",
"product": "Red Hat build of Apache Camel for Spring Boot 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
}
],
"datePublic": "2026-06-11T15:34:28.492Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-02T12:04:53.482Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"name": "RHBZ#2487943",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487943"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44496.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:30651"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29197"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28964"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29082"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27063"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27044"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33155"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33160"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33163"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33173"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33683"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:30076"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28571"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:30650"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:30651: Red Hat Advanced Cluster Management for Kubernetes 2.13"
},
{
"lang": "en",
"value": "RHSA-2026:20889: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:20938: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:33574: Red Hat Developer Hub 1.9"
},
{
"lang": "en",
"value": "RHSA-2026:26234: Red Hat Developer Hub 1.9"
},
{
"lang": "en",
"value": "RHSA-2026:29197: Red Hat Discovery 2"
},
{
"lang": "en",
"value": "RHSA-2026:28964: Red Hat OpenShift Container Platform 4.15"
},
{
"lang": "en",
"value": "RHSA-2026:29082: Red Hat OpenShift Container Platform 4.16"
},
{
"lang": "en",
"value": "RHSA-2026:27063: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:27044: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:33155: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:33160: Red Hat OpenShift Service Mesh 3.0"
},
{
"lang": "en",
"value": "RHSA-2026:33163: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:33173: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:33183: Red Hat OpenShift Service Mesh 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:33683: Red Hat Quay 3.10"
},
{
"lang": "en",
"value": "RHSA-2026:30076: Red Hat Quay 3.12"
},
{
"lang": "en",
"value": "RHSA-2026:28571: Red Hat Quay 3.9"
},
{
"lang": "en",
"value": "RHSA-2026:30650: multicluster engine for Kubernetes 2.8"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-11T17:01:15.856Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-06-11T15:34:28.492Z",
"value": "Made public."
}
],
"title": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "axios",
"vendor": "axios",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.0.0, \u003c 1.16.0"
},
{
"status": "affected",
"version": "\u003c 0.32.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who can influence the cookie name passed to axios can cause expensive regex backtracking while axios reads document.cookie. The practical impact is client-side availability degradation, such as freezing the affected browser tab while axios prepares a request. The issue does not affect ordinary Node.js HTTP adapter usage, React Native, or web workers, where axios does not read document.cookie. This vulnerability is fixed in 0.32.0 and 1.16.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333: Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T15:34:28.492Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf"
}
],
"source": {
"advisory": "GHSA-hfxv-24rg-xrqf",
"discovery": "UNKNOWN"
},
"title": "Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-44496",
"datePublished": "2026-06-11T15:34:28.492Z",
"dateReserved": "2026-05-06T18:28:20.885Z",
"dateUpdated": "2026-07-02T12:04:53.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-44496",
"date": "2026-07-05",
"epss": "0.00645",
"percentile": "0.46462"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-44496\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-06-11T17:16:33.590\",\"lastModified\":\"2026-07-02T12:17:24.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who can influence the cookie name passed to axios can cause expensive regex backtracking while axios reads document.cookie. The practical impact is client-side availability degradation, such as freezing the affected browser tab while axios prepares a request. The issue does not affect ordinary Node.js HTTP adapter usage, React Native, or web workers, where axios does not read document.cookie. This vulnerability is fixed in 0.32.0 and 1.16.0.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"axios\",\"product\":\"axios\",\"versions\":[{\"version\":\"\u003e= 1.0.0, \u003c 1.16.0\",\"status\":\"affected\"},{\"version\":\"\u003c 0.32.0\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2.13\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2.13::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub 1.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Discovery 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:discovery:2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.15::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.20\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.20::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.21\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.21::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:2.6::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.12\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.12::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.8::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Applications 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:migration_toolkit_applications:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Containers\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhmt:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Network Observability Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:network_observ_optr:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Pipelines\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AMQ Broker 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_broker:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel - HawtIO 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_hawtio:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apicurio Registry 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apicurio_registry:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Podman Desktop - Tech Preview\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:podman_desktop:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Data Grid 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_data_grid:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI (RHEL AI) 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Fuse 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_fuse:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Virtualization 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:container_native_virtualization:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Profile Analyzer\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_profile_analyzer:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Self-service automation portal 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_portal:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Gatekeeper 3\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:gatekeeper:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Service Mesh 3\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat 3scale API Management Platform 2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:red_hat_3scale_amp:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel for Spring Boot 4\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:camel_spring_boot:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:satellite:6\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-06-11T17:21:54.440483Z\",\"id\":\"CVE-2026-44496\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"},{\"lang\":\"en\",\"value\":\"CWE-1333\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:axios:axios:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"0.32.0\",\"matchCriteriaId\":\"CC9D9AB4-047A-4638-AF10-7D08587A01C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:axios:axios:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.16.0\",\"matchCriteriaId\":\"BE82EB7B-A379-416F-9737-4191F720B8C6\"}]}]}],\"references\":[{\"url\":\"https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20889\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20938\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26234\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:27044\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:27063\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28571\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28964\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29082\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29197\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:30076\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:30650\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:30651\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33155\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33160\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33163\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33173\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33183\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33574\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33683\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-44496\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2487943\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44496.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:acm:2.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2.13\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhdh:1.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Developer Hub 1.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:discovery:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Discovery 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.20::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.20\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.21::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.21\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:2.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 2.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.12::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.12\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:migration_toolkit_applications:8\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Applications 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhmt:1\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Containers\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:network_observ_optr:1\"], \"vendor\": \"Red Hat\", \"product\": \"Network Observability Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_broker:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AMQ Broker 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apache_camel_hawtio:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apache Camel - HawtIO 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apicurio_registry:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apicurio Registry 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:podman_desktop:0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Build of Podman Desktop - Tech Preview\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_data_grid:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Data Grid 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI) 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_fuse:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Fuse 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Virtualization 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_profile_analyzer:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Profile Analyzer\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_portal:2\"], \"vendor\": \"Red Hat\", \"product\": \"Self-service automation portal 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:gatekeeper:3\"], \"vendor\": \"Red Hat\", \"product\": \"Gatekeeper 3\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 3\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:red_hat_3scale_amp:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat 3scale API Management Platform 2\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:camel_spring_boot:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apache Camel for Spring Boot 4\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-06-11T17:01:15.856Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-06-11T15:34:28.492Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:30651: Red Hat Advanced Cluster Management for Kubernetes 2.13\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20889: Red Hat Advanced Cluster Security for Kubernetes 4.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20938: Red Hat Advanced Cluster Security for Kubernetes 4.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33574: Red Hat Developer Hub 1.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26234: Red Hat Developer Hub 1.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29197: Red Hat Discovery 2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28964: Red Hat OpenShift Container Platform 4.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29082: Red Hat OpenShift Container Platform 4.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27063: Red Hat OpenShift Container Platform 4.20\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27044: Red Hat OpenShift Container Platform 4.21\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33155: Red Hat OpenShift Service Mesh 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33160: Red Hat OpenShift Service Mesh 3.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33163: Red Hat OpenShift Service Mesh 3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33173: Red Hat OpenShift Service Mesh 3.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33183: Red Hat OpenShift Service Mesh 3.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33683: Red Hat Quay 3.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:30076: Red Hat Quay 3.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28571: Red Hat Quay 3.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:30650: multicluster engine for Kubernetes 2.8\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-06-11T15:34:28.492Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-44496\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2487943\", \"name\": \"RHBZ#2487943\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44496.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:30651\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20889\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20938\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33574\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26234\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29197\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28964\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29082\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27063\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27044\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33155\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33160\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33163\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33173\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33183\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33683\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:30076\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28571\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:30650\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1333\", \"description\": \"Inefficient Regular Expression Complexity\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-02T12:04:53.482Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-44496\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-11T17:21:54.440483Z\"}}}], \"references\": [{\"url\": \"https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-11T17:22:03.769Z\"}}], \"cna\": {\"title\": \"Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection\", \"source\": {\"advisory\": \"GHSA-hfxv-24rg-xrqf\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"axios\", \"product\": \"axios\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 1.0.0, \u003c 1.16.0\"}, {\"status\": \"affected\", \"version\": \"\u003c 0.32.0\"}]}], \"references\": [{\"url\": \"https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf\", \"name\": \"https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who can influence the cookie name passed to axios can cause expensive regex backtracking while axios reads document.cookie. The practical impact is client-side availability degradation, such as freezing the affected browser tab while axios prepares a request. The issue does not affect ordinary Node.js HTTP adapter usage, React Native, or web workers, where axios does not read document.cookie. This vulnerability is fixed in 0.32.0 and 1.16.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1333\", \"description\": \"CWE-1333: Inefficient Regular Expression Complexity\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-06-11T15:34:28.492Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-44496\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-02T12:04:53.482Z\", \"dateReserved\": \"2026-05-06T18:28:20.885Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-06-11T15:34:28.492Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:33683
Vulnerability from csaf_redhat - Published: 2026-06-30 18:09 - Updated: 2026-07-06 05:57A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI's intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x | — |
A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x | — |
A flaw was found in kafka-python. A malicious or machine-in-the-middle broker could exploit a denial-of-service vulnerability during SCRAM authentication. By providing an excessively large iteration count, the broker can cause the client's event loop to freeze. This prevents critical operations such as sending messages, polling for new messages, and maintaining heartbeats, ultimately leading to consumer group eviction and persistent connection failures.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x | — |
Workaround
|
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x | — |
A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x | — |
Workaround
|
A flaw was found in PyJWT, a Python library for JSON Web Token (JWT) implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys (JWK) in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer's public key as the secret key for the HMAC algorithm, leading to the ability to forge JWTs. This vulnerability can result in authentication bypass or unauthorized access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.10.23 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.10.23",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33683",
"url": "https://access.redhat.com/errata/RHSA-2026:33683"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-10143",
"url": "https://access.redhat.com/security/cve/CVE-2026-10143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44432",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44496",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48526",
"url": "https://access.redhat.com/security/cve/CVE-2026-48526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-6322",
"url": "https://access.redhat.com/security/cve/CVE-2026-6322"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9277",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33683.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.10.23",
"tracking": {
"current_release_date": "2026-07-06T05:57:03+00:00",
"generator": {
"date": "2026-07-06T05:57:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:33683",
"initial_release_date": "2026-06-30T18:09:16+00:00",
"revision_history": [
{
"date": "2026-06-30T18:09:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-30T18:09:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-06T05:57:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.10",
"product": {
"name": "Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-bundle\u0026tag=1782334437"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ab3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1782332130"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Ac8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-bundle\u0026tag=1782333017"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Aa040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1782331379"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Ada8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1782332508"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Ad353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1781620407"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Ae51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef?arch=amd64\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1782331561"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-bundle\u0026tag=1782492284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Aafa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1782331416"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1782487717"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1782332130"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1782331379"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1781620407"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1782331561"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1782331416"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Aa5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1782487717"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1782332130"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1782331379"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1781620407"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1?arch=s390x\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1782331561"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Af486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1782331416"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ac7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1782487717"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-6322",
"cwe": {
"id": "CWE-140",
"name": "Improper Neutralization of Delimiters"
},
"discovery_date": "2026-05-05T11:01:00.332189+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI\u0027s intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in the `fast-uri` library allows an attacker to bypass security controls in Red Hat products that process Uniform Resource Identifiers (URIs). By crafting a malicious URI with percent-encoded authority delimiters, an attacker can cause the library to incorrectly interpret the URI\u0027s authority, potentially redirecting applications to an unintended domain. This could lead to a bypass of host allowlist checks, redirect validation, or outbound request routing.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6322"
},
{
"category": "external",
"summary": "RHBZ#2466684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6322",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc",
"url": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc"
}
],
"release_date": "2026-05-05T10:29:16.378000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T18:09:16+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33683"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling"
},
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T18:09:16+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33683"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
},
{
"cve": "CVE-2026-10143",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-06-10T21:02:14.712750+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487722"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in kafka-python. A malicious or machine-in-the-middle broker could exploit a denial-of-service vulnerability during SCRAM authentication. By providing an excessively large iteration count, the broker can cause the client\u0027s event loop to freeze. This prevents critical operations such as sending messages, polling for new messages, and maintaining heartbeats, ultimately leading to consumer group eviction and persistent connection failures.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kafka-python: kafka-python: Denial of Service via excessive SCRAM authentication iteration count",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-10143"
},
{
"category": "external",
"summary": "RHBZ#2487722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487722"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-10143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-10143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-10143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10143"
},
{
"category": "external",
"summary": "https://github.com/dpkp/kafka-python/commit/6e4831444f972d169cdd11f5c8d50333cea3f19b",
"url": "https://github.com/dpkp/kafka-python/commit/6e4831444f972d169cdd11f5c8d50333cea3f19b"
},
{
"category": "external",
"summary": "https://github.com/dpkp/kafka-python/pull/3019",
"url": "https://github.com/dpkp/kafka-python/pull/3019"
},
{
"category": "external",
"summary": "https://github.com/dpkp/kafka-python/pull/3026",
"url": "https://github.com/dpkp/kafka-python/pull/3026"
},
{
"category": "external",
"summary": "https://www.vulncheck.com/advisories/kafka-python-prior-to-dos-via-scram-iteration-count-in-scram-py",
"url": "https://www.vulncheck.com/advisories/kafka-python-prior-to-dos-via-scram-iteration-count-in-scram-py"
}
],
"release_date": "2026-06-10T20:22:39.262000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T18:09:16+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33683"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kafka-python: kafka-python: Denial of Service via excessive SCRAM authentication iteration count"
},
{
"cve": "CVE-2026-44432",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-05-13T17:01:01.083841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "RHBZ#2477154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44432",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j"
}
],
"release_date": "2026-05-13T15:17:12.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T18:09:16+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33683"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression"
},
{
"cve": "CVE-2026-44496",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-06-11T17:01:15.856386+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Axios can lead to a client-side Denial of Service. An attacker capable of influencing the XSRF cookie name within a browser environment could trigger excessive regular expression processing, causing the affected browser tab to freeze and degrade user availability. This issue specifically impacts browser-based applications and does not affect Node.js HTTP adapter usage, React Native, or web workers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "RHBZ#2487943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44496",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44496"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf"
}
],
"release_date": "2026-06-11T15:34:28.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T18:09:16+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33683"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name"
},
{
"cve": "CVE-2026-48526",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-05-28T16:01:22.805235+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2482734"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PyJWT, a Python library for JSON Web Token (JWT) implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys (JWK) in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer\u0027s public key as the secret key for the HMAC algorithm, leading to the ability to forge JWTs. This vulnerability can result in authentication bypass or unauthorized access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in PyJWT allows for authentication bypass and unauthorized access. It occurs when a JWT verifier is misconfigured to accept both symmetric and asymmetric algorithms, and a public JSON Web Key is erroneously used as the HMAC secret. Red Hat products are only affected if they utilize this specific, non-standard verifier configuration.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48526"
},
{
"category": "external",
"summary": "RHBZ#2482734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482734"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48526"
},
{
"category": "external",
"summary": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-xgmm-8j9v-c9wx",
"url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-xgmm-8j9v-c9wx"
}
],
"release_date": "2026-05-28T15:09:09.258000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T18:09:16+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33683"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens"
}
]
}
WID-SEC-W-2026-1955
Vulnerability from csaf_certbund - Published: 2026-06-16 22:00 - Updated: 2026-06-17 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.\r\nBitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.\r\nConfluence ist eine kommerzielle Wiki-Software.\r\nFisheye ist ein Quellcode-Repository-Browser f\u00fcr Unternehmensteams. \r\nCrucible ist eine Code-Review-L\u00f6sung f\u00fcr Unternehmensteams.\r\nJira ist eine Webanwendung zur Softwareentwicklung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Bitbucket, Confluence, Fisheye, Crucible, Jira und Jira Service Management ausnutzen, um beliebigen Code auszuf\u00fchren, erweiterte Berechtigungen zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand auszul\u00f6sen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1955 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1955.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1955 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1955"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin Juni vom 2026-06-16",
"url": "https://confluence.atlassian.com/security/security-bulletin-june-16-2026-1796309326.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:22380 vom 2026-06-18",
"url": "https://access.redhat.com/errata/RHSA-2026:22380"
}
],
"source_lang": "en-US",
"title": "Atlassian Bamboo, Bitbucket, Confluence, Fisheye, Crucible, Jira und Jira Service Management: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-17T22:00:00.000+00:00",
"generator": {
"date": "2026-06-18T07:59:55.017+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1955",
"initial_release_date": "2026-06-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-06-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-06-17T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c12.1.8",
"product": {
"name": "Atlassian Bamboo Data Center \u003c12.1.8",
"product_id": "T055489"
}
},
{
"category": "product_version",
"name": "Data Center 12.1.8",
"product": {
"name": "Atlassian Bamboo Data Center 12.1.8",
"product_id": "T055489-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__12.1.8"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.20",
"product": {
"name": "Atlassian Bamboo Data Center \u003c10.2.20",
"product_id": "T055490"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.20",
"product": {
"name": "Atlassian Bamboo Data Center 10.2.20",
"product_id": "T055490-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__10.2.20"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.4",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c10.2.4",
"product_id": "T055492"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.4",
"product": {
"name": "Atlassian Bitbucket Data Center 10.2.4",
"product_id": "T055492-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__10.2.4"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.4.21",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c9.4.21",
"product_id": "T055493"
}
},
{
"category": "product_version",
"name": "Data Center 9.4.21",
"product": {
"name": "Atlassian Bitbucket Data Center 9.4.21",
"product_id": "T055493-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__9.4.21"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.3.1",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c10.3.1",
"product_id": "T055494"
}
},
{
"category": "product_version",
"name": "Data Center 10.3.1",
"product": {
"name": "Atlassian Bitbucket Data Center 10.3.1",
"product_id": "T055494-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__10.3.1"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.13",
"product": {
"name": "Atlassian Confluence Data Center \u003c10.2.13",
"product_id": "T055495"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.13",
"product": {
"name": "Atlassian Confluence Data Center 10.2.13",
"product_id": "T055495-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__10.2.13"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.2.21",
"product": {
"name": "Atlassian Confluence Data Center \u003c9.2.21",
"product_id": "T055496"
}
},
{
"category": "product_version",
"name": "Data Center 9.2.21",
"product": {
"name": "Atlassian Confluence Data Center 9.2.21",
"product_id": "T055496-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__9.2.21"
}
}
}
],
"category": "product_name",
"name": "Confluence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.9.11",
"product": {
"name": "Atlassian Crucible \u003c4.9.11",
"product_id": "T055498"
}
},
{
"category": "product_version",
"name": "4.9.11",
"product": {
"name": "Atlassian Crucible 4.9.11",
"product_id": "T055498-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:crucible:4.9.11"
}
}
}
],
"category": "product_name",
"name": "Crucible"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.9.11",
"product": {
"name": "Atlassian Fisheye \u003c4.9.11",
"product_id": "T055497"
}
},
{
"category": "product_version",
"name": "4.9.11",
"product": {
"name": "Atlassian Fisheye 4.9.11",
"product_id": "T055497-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:fisheye:4.9.11"
}
}
}
],
"category": "product_name",
"name": "Fisheye"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c11.3.7",
"product": {
"name": "Atlassian Jira Data Center \u003c11.3.7",
"product_id": "T055499"
}
},
{
"category": "product_version",
"name": "Data Center 11.3.7",
"product": {
"name": "Atlassian Jira Data Center 11.3.7",
"product_id": "T055499-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__11.3.7"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.3.22",
"product": {
"name": "Atlassian Jira Data Center \u003c10.3.22",
"product_id": "T055500"
}
},
{
"category": "product_version",
"name": "Data Center 10.3.22",
"product": {
"name": "Atlassian Jira Data Center 10.3.22",
"product_id": "T055500-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__10.3.22"
}
}
},
{
"category": "product_version_range",
"name": "Service Management Data Center and Server \u003c11.3.7",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server \u003c11.3.7",
"product_id": "T055501"
}
},
{
"category": "product_version",
"name": "Service Management Data Center and Server 11.3.7",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server 11.3.7",
"product_id": "T055501-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:service_management_data_center_and_server__11.3.7"
}
}
},
{
"category": "product_version_range",
"name": "Service Management Data Center and Server \u003c10.3.22",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server \u003c10.3.22",
"product_id": "T055502"
}
},
{
"category": "product_version",
"name": "Service Management Data Center and Server 10.3.22",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server 10.3.22",
"product_id": "T055502-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:service_management_data_center_and_server__10.3.22"
}
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11272",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2019-11272"
},
{
"cve": "CVE-2021-3803",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2021-3803"
},
{
"cve": "CVE-2022-1471",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-22965",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-22965"
},
{
"cve": "CVE-2022-22978",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-22978"
},
{
"cve": "CVE-2022-31692",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-31692"
},
{
"cve": "CVE-2024-22257",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2024-22257"
},
{
"cve": "CVE-2025-22228",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2025-22228"
},
{
"cve": "CVE-2026-22732",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-22732"
},
{
"cve": "CVE-2026-24734",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-24734"
},
{
"cve": "CVE-2026-26996",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-26996"
},
{
"cve": "CVE-2026-27903",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-27903"
},
{
"cve": "CVE-2026-27904",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-27904"
},
{
"cve": "CVE-2026-29129",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-29129"
},
{
"cve": "CVE-2026-33870",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-33870"
},
{
"cve": "CVE-2026-33871",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-33871"
},
{
"cve": "CVE-2026-34077",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-34077"
},
{
"cve": "CVE-2026-34486",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-34486"
},
{
"cve": "CVE-2026-34487",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-34487"
},
{
"cve": "CVE-2026-40175",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-40175"
},
{
"cve": "CVE-2026-41044",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-41044"
},
{
"cve": "CVE-2026-41284",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-41284"
},
{
"cve": "CVE-2026-41293",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-41293"
},
{
"cve": "CVE-2026-42033",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42033"
},
{
"cve": "CVE-2026-42035",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42035"
},
{
"cve": "CVE-2026-42038",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42038"
},
{
"cve": "CVE-2026-42043",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42043"
},
{
"cve": "CVE-2026-42198",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42198"
},
{
"cve": "CVE-2026-42211",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42211"
},
{
"cve": "CVE-2026-42264",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42264"
},
{
"cve": "CVE-2026-42342",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42342"
},
{
"cve": "CVE-2026-42498",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42498"
},
{
"cve": "CVE-2026-42579",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42579"
},
{
"cve": "CVE-2026-42581",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42581"
},
{
"cve": "CVE-2026-42583",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42583"
},
{
"cve": "CVE-2026-42584",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42584"
},
{
"cve": "CVE-2026-42585",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42585"
},
{
"cve": "CVE-2026-42587",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42587"
},
{
"cve": "CVE-2026-43512",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-43512"
},
{
"cve": "CVE-2026-43513",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-43513"
},
{
"cve": "CVE-2026-43515",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-43515"
},
{
"cve": "CVE-2026-44486",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44486"
},
{
"cve": "CVE-2026-44487",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44487"
},
{
"cve": "CVE-2026-44488",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44488"
},
{
"cve": "CVE-2026-44492",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44492"
},
{
"cve": "CVE-2026-44495",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44495"
},
{
"cve": "CVE-2026-44496",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44496"
},
{
"cve": "CVE-2026-45149",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-45149"
},
{
"cve": "CVE-2026-45736",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-45736"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.