Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-46625 (GCVE-0-2026-46625)
Vulnerability from cvelistv5 – Published: 2026-06-10 21:18 – Updated: 2026-07-08 12:05| URL | Tags |
|---|---|
| https://github.com/js-cookie/js-cookie/security/a… | x_refsource_CONFIRM |
| https://github.com/js-cookie/js-cookie/commit/eb3… | x_refsource_MISC |
| https://github.com/js-cookie/js-cookie/releases/t… | x_refsource_MISC |
| https://access.redhat.com/security/cve/CVE-2026-46625 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2487740 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:36625 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33183 | vendor-advisoryx_refsource_REDHAT |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-46625",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T14:46:15.083511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T16:14:53.239Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "affected",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7"
],
"defaultStatus": "affected",
"product": "Red Hat JBoss Enterprise Application Platform 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "unaffected",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unknown",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "unknown",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unknown",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unknown",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unknown",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unknown",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_portal:2"
],
"defaultStatus": "unknown",
"product": "Self-service automation portal 2",
"vendor": "Red Hat"
}
],
"datePublic": "2026-06-10T21:18:05.372Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in JavaScript Cookie (js-cookie). This vulnerability allows a remote attacker to manipulate cookie attributes by exploiting a prototype pollution issue within the `assign()` helper function. When processing specially crafted JSON input, the flaw enables an attacker to hijack the prototype of a cookie\u0027s attribute object. This allows the attacker to set sensitive cookie attributes such as `domain`, `secure`, `samesite`, `expires`, and `path`, potentially leading to security bypasses or session manipulation."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-915",
"description": "Improperly Controlled Modification of Dynamically-Determined Object Attributes",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T12:05:45.261Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-46625"
},
{
"name": "RHBZ#2487740",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487740"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46625.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:36625: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:33183: Red Hat OpenShift Service Mesh 3.3"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-10T22:01:17.685Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-06-10T21:18:05.372Z",
"value": "Made public."
}
],
"title": "js-cookie: JavaScript Cookie: Cookie attribute manipulation via prototype pollution",
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "js-cookie",
"vendor": "js-cookie",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "JavaScript Cookie is a JavaScript API for handling cookies, client-side. Prior to version 3.0.7, js-cookie\u0027s internal assign() helper copies properties with for...in + plain assignment. When the source object is produced by JSON.parse, the JSON object\u0027s \"__proto__\" member is an own enumerable property, so the for\u2026in enumerates it and the target[key] = source[key] write triggers the Object.prototype.__proto__ setter on the fresh target ({}). The result is a per-instance prototype hijack: Object.prototype itself is untouched, but the merged attributes object now inherits attacker-controlled keys. Because the consuming set() function then enumerates the merged object with another for...in, every key the attacker placed on the polluted prototype lands in the resulting Set-Cookie string as an attribute pair. The attacker can set domain=, secure=, samesite=, expires=, and path= on cookies whose attributes the developer thought were locked down. This issue has been patched in version 3.0.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T21:18:05.372Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j"
},
{
"name": "https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020"
},
{
"name": "https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7"
}
],
"source": {
"advisory": "GHSA-qjx8-664m-686j",
"discovery": "UNKNOWN"
},
"title": "JavaScript Cookie: Per-instance prototype hijack in assign() enables cookie-attribute injection"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-46625",
"datePublished": "2026-06-10T21:18:05.372Z",
"dateReserved": "2026-05-15T19:34:14.013Z",
"dateUpdated": "2026-07-08T12:05:45.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-46625",
"date": "2026-07-08",
"epss": "0.00422",
"percentile": "0.34033"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-46625\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-06-10T22:16:59.613\",\"lastModified\":\"2026-07-08T13:16:49.640\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"JavaScript Cookie is a JavaScript API for handling cookies, client-side. Prior to version 3.0.7, js-cookie\u0027s internal assign() helper copies properties with for...in + plain assignment. When the source object is produced by JSON.parse, the JSON object\u0027s \\\"__proto__\\\" member is an own enumerable property, so the for\u2026in enumerates it and the target[key] = source[key] write triggers the Object.prototype.__proto__ setter on the fresh target ({}). The result is a per-instance prototype hijack: Object.prototype itself is untouched, but the merged attributes object now inherits attacker-controlled keys. Because the consuming set() function then enumerates the merged object with another for...in, every key the attacker placed on the polluted prototype lands in the resulting Set-Cookie string as an attribute pair. The attacker can set domain=, secure=, samesite=, expires=, and path= on cookies whose attributes the developer thought were locked down. This issue has been patched in version 3.0.7.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"js-cookie\",\"product\":\"js-cookie\",\"versions\":[{\"version\":\"\u003c 3.0.7\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Lightspeed\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_lightspeed\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat 3scale API Management Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:red_hat_3scale_amp:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_application_platform:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform 8\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_application_platform:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform Expansion Pack\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:jbosseapxp\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Discovery 2\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:discovery:2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Self-service automation portal 2\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:ansible_portal:2\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-06-11T14:46:15.083511Z\",\"id\":\"CVE-2026-46625\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1321\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-915\"}]}],\"references\":[{\"url\":\"https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33183\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36625\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-46625\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2487740\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46625.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"js-cookie: JavaScript Cookie: Cookie attribute manipulation via prototype pollution\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_lightspeed\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Lightspeed\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:red_hat_3scale_amp:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat 3scale API Management Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhdh:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Developer Hub\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:jbosseapxp\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform Expansion Pack\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:discovery:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Discovery 2\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_portal:2\"], \"vendor\": \"Red Hat\", \"product\": \"Self-service automation portal 2\", \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-06-10T22:01:17.685Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-06-10T21:18:05.372Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:36625: Red Hat Advanced Cluster Security for Kubernetes 4.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33183: Red Hat OpenShift Service Mesh 3.3\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-06-10T21:18:05.372Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-46625\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2487740\", \"name\": \"RHBZ#2487740\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46625.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36625\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33183\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in JavaScript Cookie (js-cookie). This vulnerability allows a remote attacker to manipulate cookie attributes by exploiting a prototype pollution issue within the `assign()` helper function. When processing specially crafted JSON input, the flaw enables an attacker to hijack the prototype of a cookie\u0027s attribute object. This allows the attacker to set sensitive cookie attributes such as `domain`, `secure`, `samesite`, `expires`, and `path`, potentially leading to security bypasses or session manipulation.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-915\", \"description\": \"Improperly Controlled Modification of Dynamically-Determined Object Attributes\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-08T12:05:45.261Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-46625\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-11T14:46:15.083511Z\"}}}], \"references\": [{\"url\": \"https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-11T14:46:50.296Z\"}}], \"cna\": {\"title\": \"JavaScript Cookie: Per-instance prototype hijack in assign() enables cookie-attribute injection\", \"source\": {\"advisory\": \"GHSA-qjx8-664m-686j\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"js-cookie\", \"product\": \"js-cookie\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.0.7\"}]}], \"references\": [{\"url\": \"https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j\", \"name\": \"https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020\", \"name\": \"https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7\", \"name\": \"https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"JavaScript Cookie is a JavaScript API for handling cookies, client-side. Prior to version 3.0.7, js-cookie\u0027s internal assign() helper copies properties with for...in + plain assignment. When the source object is produced by JSON.parse, the JSON object\u0027s \\\"__proto__\\\" member is an own enumerable property, so the for\\u2026in enumerates it and the target[key] = source[key] write triggers the Object.prototype.__proto__ setter on the fresh target ({}). The result is a per-instance prototype hijack: Object.prototype itself is untouched, but the merged attributes object now inherits attacker-controlled keys. Because the consuming set() function then enumerates the merged object with another for...in, every key the attacker placed on the polluted prototype lands in the resulting Set-Cookie string as an attribute pair. The attacker can set domain=, secure=, samesite=, expires=, and path= on cookies whose attributes the developer thought were locked down. This issue has been patched in version 3.0.7.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1321\", \"description\": \"CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-06-10T21:18:05.372Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-46625\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-08T12:05:45.261Z\", \"dateReserved\": \"2026-05-15T19:34:14.013Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-06-10T21:18:05.372Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-46625
Vulnerability from fkie_nvd - Published: 2026-06-10 22:16 - Updated: 2026-07-08 13:167.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
| Vendor | Product | Version |
|---|
{
"affected": [
{
"affectedData": [
{
"product": "js-cookie",
"vendor": "js-cookie",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.7"
}
]
}
],
"source": "security-advisories@github.com"
},
{
"affectedData": [
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "affected",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7"
],
"defaultStatus": "affected",
"product": "Red Hat JBoss Enterprise Application Platform 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "unaffected",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unknown",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "unknown",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unknown",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unknown",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unknown",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unknown",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_portal:2"
],
"defaultStatus": "unknown",
"product": "Self-service automation portal 2",
"vendor": "Red Hat"
}
],
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JavaScript Cookie is a JavaScript API for handling cookies, client-side. Prior to version 3.0.7, js-cookie\u0027s internal assign() helper copies properties with for...in + plain assignment. When the source object is produced by JSON.parse, the JSON object\u0027s \"__proto__\" member is an own enumerable property, so the for\u2026in enumerates it and the target[key] = source[key] write triggers the Object.prototype.__proto__ setter on the fresh target ({}). The result is a per-instance prototype hijack: Object.prototype itself is untouched, but the merged attributes object now inherits attacker-controlled keys. Because the consuming set() function then enumerates the merged object with another for...in, every key the attacker placed on the polluted prototype lands in the resulting Set-Cookie string as an attribute pair. The attacker can set domain=, secure=, samesite=, expires=, and path= on cookies whose attributes the developer thought were locked down. This issue has been patched in version 3.0.7."
}
],
"id": "CVE-2026-46625",
"lastModified": "2026-07-08T13:16:49.640",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-46625",
"options": [
{
"exploitation": "poc"
},
{
"automatable": "yes"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T14:46:15.083511Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-06-10T22:16:59.613",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/security/cve/CVE-2026-46625"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487740"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"url": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46625.json"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-915"
}
],
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"type": "Secondary"
}
]
}
GHSA-QJX8-664M-686J
Vulnerability from github – Published: 2026-05-21 21:20 – Updated: 2026-06-11 14:05Summary
js-cookie's internal assign() helper copies properties with for...in + plain assignment. When the source object is produced by JSON.parse, the JSON object's "__proto__" member is an own enumerable property, so the for…in enumerates it and the target[key] = source[key] write triggers the Object.prototype.__proto__ setter on the fresh target ({}). The result is a per-instance prototype hijack: Object.prototype itself is untouched, but the merged attributes object now inherits attacker-controlled keys.
Because the consuming set() function then enumerates the merged object with another for...in, every key the attacker placed on the polluted prototype lands in the resulting Set-Cookie string as an attribute pair. The attacker can set domain=, secure=, samesite=, expires=, and path= on cookies whose attributes the developer thought were locked down.
Impact
Any application that forwards a JSON-derived object as the attributes argument to Cookies.set, Cookies.remove, Cookies.withAttributes, or Cookies.withConverter is vulnerable. This is the standard pattern when cookie configuration comes from a backend:
const cfg = await fetch('/config').then(r => r.json());
Cookies.set('session', token, cfg.cookieAttrs); // cfg.cookieAttrs influenced by attacker
A payload of {"__proto__":{"domain":"evil.example","secure":"false","samesite":"None"}} causes js-cookie to emit:
Set-Cookie: session=TOKEN; path=/; domain=evil.example; secure=false; samesite=None
Affected code
// src/assign.mjs — full file
export default function (target) {
for (var i = 1; i < arguments.length; i++) {
var source = arguments[i]
for (var key in source) { // includes own enumerable '__proto__'
target[key] = source[key] // [[Set]] form - fires __proto__ setter
}
}
return target
}
Proof of concept
Node 22.11.0, no third-party deps:
Environment setup
mkdir -p /tmp/jscookie-poc && cd /tmp/jscookie-poc
npm init -y
npm i js-cookie
PoC
ubuntu@kuber:/tmp/jscookie-poc$ cat poc.mjs
let lastSetCookie = '';
globalThis.document = {
get cookie() { return ''; },
set cookie(v) { lastSetCookie = v; }
};
const { default: Cookies } = await import('js-cookie');
const attackerAttrs = JSON.parse(
'{"__proto__":{"secure":"false","domain":"evil.com","samesite":"None","expires":-1}}'
);
Cookies.set('session', 'TOKEN', attackerAttrs);
console.log('Set-Cookie that js-cookie wrote to document.cookie:');
console.log(lastSetCookie);
Execution:
Suggested patch
--- a/src/assign.mjs
+++ b/src/assign.mjs
@@
export default function (target) {
for (var i = 1; i < arguments.length; i++) {
var source = arguments[i]
- for (var key in source) {
- target[key] = source[key]
- }
+ for (var key in source) {
+ if (key === '__proto__' || key === 'constructor' || key === 'prototype') continue
+ Object.defineProperty(target, key, {
+ value: source[key],
+ writable: true,
+ enumerable: true,
+ configurable: true,
+ })
+ }
}
return target
}
Equivalent one-liner alternative - iterate own names only and filter:
for (const key of Object.getOwnPropertyNames(source)) {
if (key === '__proto__') continue
target[key] = source[key]
}
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.0.5"
},
"package": {
"ecosystem": "npm",
"name": "js-cookie"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-46625"
],
"database_specific": {
"cwe_ids": [
"CWE-1321"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-21T21:20:31Z",
"nvd_published_at": "2026-06-10T22:16:59Z",
"severity": "HIGH"
},
"details": "## Summary\n\n`js-cookie`\u0027s internal `assign()` helper copies properties with `for...in` + plain assignment. When the source object is produced by `JSON.parse`, the JSON object\u0027s `\"__proto__\"` member is an *own enumerable* property, so the `for\u2026in` enumerates it and the `target[key] = source[key]` write triggers the **`Object.prototype.__proto__` setter** on the fresh `target` (`{}`). The result is a per-instance prototype hijack: `Object.prototype` itself is untouched, but the merged `attributes` object now inherits attacker-controlled keys.\n\nBecause the consuming `set()` function then enumerates the merged object with another `for...in`, every key the attacker placed on the polluted prototype lands in the resulting `Set-Cookie` string as an attribute pair. The attacker can set `domain=`, `secure=`, `samesite=`, `expires=`, and `path=` on cookies whose attributes the developer thought were locked down.\n\n## Impact\n\nAny application that forwards a JSON-derived object as the `attributes` argument to `Cookies.set`, `Cookies.remove`, `Cookies.withAttributes`, or `Cookies.withConverter` is vulnerable. This is the standard pattern when cookie configuration comes from a backend:\n\n```js\nconst cfg = await fetch(\u0027/config\u0027).then(r =\u003e r.json());\nCookies.set(\u0027session\u0027, token, cfg.cookieAttrs); // cfg.cookieAttrs influenced by attacker\n```\n\nA payload of `{\"__proto__\":{\"domain\":\"evil.example\",\"secure\":\"false\",\"samesite\":\"None\"}}` causes js-cookie to emit:\n\n```\nSet-Cookie: session=TOKEN; path=/; domain=evil.example; secure=false; samesite=None\n```\n\n## Affected code\n\n```js\n// src/assign.mjs \u2014 full file\nexport default function (target) {\n for (var i = 1; i \u003c arguments.length; i++) {\n var source = arguments[i]\n for (var key in source) { // includes own enumerable \u0027__proto__\u0027\n target[key] = source[key] // [[Set]] form - fires __proto__ setter\n }\n }\n return target\n}\n```\n## Proof of concept\n\nNode 22.11.0, no third-party deps:\n\n### Environment setup\n```bash\nmkdir -p /tmp/jscookie-poc \u0026\u0026 cd /tmp/jscookie-poc\nnpm init -y\nnpm i js-cookie\n```\n\n### PoC\n```js\nubuntu@kuber:/tmp/jscookie-poc$ cat poc.mjs\nlet lastSetCookie = \u0027\u0027;\nglobalThis.document = {\n get cookie() { return \u0027\u0027; },\n set cookie(v) { lastSetCookie = v; }\n};\n\nconst { default: Cookies } = await import(\u0027js-cookie\u0027);\n\nconst attackerAttrs = JSON.parse(\n \u0027{\"__proto__\":{\"secure\":\"false\",\"domain\":\"evil.com\",\"samesite\":\"None\",\"expires\":-1}}\u0027\n);\n\nCookies.set(\u0027session\u0027, \u0027TOKEN\u0027, attackerAttrs);\n\nconsole.log(\u0027Set-Cookie that js-cookie wrote to document.cookie:\u0027);\nconsole.log(lastSetCookie);\n```\n\nExecution:\n\u003cimg width=\"2614\" height=\"1174\" alt=\"cls-2026-05-14-01 44 39\" src=\"https://github.com/user-attachments/assets/120df1fe-7e97-4ca3-904e-ab80d71ecf62\" /\u003e\n\n## Suggested patch\n\n```diff\n--- a/src/assign.mjs\n+++ b/src/assign.mjs\n@@\n export default function (target) {\n for (var i = 1; i \u003c arguments.length; i++) {\n var source = arguments[i]\n- for (var key in source) {\n- target[key] = source[key]\n- }\n+ for (var key in source) {\n+ if (key === \u0027__proto__\u0027 || key === \u0027constructor\u0027 || key === \u0027prototype\u0027) continue\n+ Object.defineProperty(target, key, {\n+ value: source[key],\n+ writable: true,\n+ enumerable: true,\n+ configurable: true,\n+ })\n+ }\n }\n return target\n }\n```\n\nEquivalent one-liner alternative - iterate own names only and filter:\n\n```js\nfor (const key of Object.getOwnPropertyNames(source)) {\n if (key === \u0027__proto__\u0027) continue\n target[key] = source[key]\n}\n```",
"id": "GHSA-qjx8-664m-686j",
"modified": "2026-06-11T14:05:06Z",
"published": "2026-05-21T21:20:31Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46625"
},
{
"type": "WEB",
"url": "https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020"
},
{
"type": "PACKAGE",
"url": "https://github.com/js-cookie/js-cookie"
},
{
"type": "WEB",
"url": "https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "JavaScript Cookie: Per-instance prototype hijack in assign() enables cookie-attribute injection"
}
RHSA-2026:33183
Vulnerability from csaf_redhat - Published: 2026-06-29 17:47 - Updated: 2026-07-08 16:13A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
Workaround
|
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
Workaround
|
A flaw was found in ip-address, a JavaScript library for parsing and manipulating IPv4 and IPv6 addresses. This vulnerability allows a remote attacker to perform cross-site scripting (XSS) by providing untrusted input to the Address6 constructor. When an application renders the output of Address6.group(), Address6.link(), or the AddressError.parseMessage as HTML without proper escaping, the attacker-controlled content can be executed in the user's browser.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
Workaround
|
A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
Workaround
|
A flaw was found in Axios. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to escalate any existing Object.prototype pollution in an application's dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
Workaround
|
A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
Workaround
|
A flaw was found in JavaScript Cookie (js-cookie). This vulnerability allows a remote attacker to manipulate cookie attributes by exploiting a prototype pollution issue within the `assign()` helper function. When processing specially crafted JSON input, the flaw enables an attacker to hijack the prototype of a cookie's attribute object. This allows the attacker to set sensitive cookie attributes such as `domain`, `secure`, `samesite`, `expires`, and `path`, potentially leading to security bypasses or session manipulation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
A flaw was found in ws, an open source WebSocket client and server. A remote attacker can exploit this memory exhaustion vulnerability by sending a high volume of exceptionally small fragments and data chunks. This action forces the affected component to allocate and hold structural wrappers that consume excessive memory. Consequently, this leads to process termination and a denial of service (DoS) for the remote peer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 2.22.6 for Red Hat OpenShift Service Mesh 3.3 is now available.\nAn update is now available for Red Hat OpenShift Service Mesh 3.3. This advisory contains the RPM packages for the Kiali component.\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 2.22.6, for Red Hat OpenShift Service Mesh 3.3, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* CVE-2026-42338 openshift-service-mesh/kiali-ossmc-rhel9: ip-address: Cross-site scripting via improper HTML escaping of untrusted input (OSSM-14065)\n* CVE-2026-42338 openshift-service-mesh/kiali-rhel9: ip-address: Cross-site scripting via improper HTML escaping of untrusted input (OSSM-14060)\n* CVE-2026-39821 openshift-service-mesh/kiali-rhel9: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing (OSSM-14071)\n* CVE-2026-44495 openshift-service-mesh/kiali-ossmc-rhel9: Axios: Information disclosure due to prototype pollution vulnerability (OSSM-14148)\n* CVE-2026-44495 openshift-service-mesh/kiali-rhel9: Axios: Information disclosure due to prototype pollution vulnerability (OSSM-14147)\n* CVE-2026-44488 openshift-service-mesh/kiali-ossmc-rhel9: Axios: Denial of Service due to unenforced request and response size limits (OSSM-14163)\n* CVE-2026-44488 openshift-service-mesh/kiali-rhel9: Axios: Denial of Service due to unenforced request and response size limits (OSSM-14161)\n* CVE-2026-44487 openshift-service-mesh/kiali-rhel9: Axios: Information disclosure of proxy credentials via redirect flows (OSSM-14180)\n* CVE-2026-44487 openshift-service-mesh/kiali-ossmc-rhel9: Axios: Information disclosure of proxy credentials via redirect flows (OSSM-14179)\n* CVE-2026-44494 openshift-service-mesh/kiali-rhel9: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution (OSSM-14196)\n* CVE-2026-44494 openshift-service-mesh/kiali-ossmc-rhel9: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution (OSSM-14198)\n* CVE-2026-44496 openshift-service-mesh/kiali-ossmc-rhel9: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name (OSSM-14205)\n* CVE-2026-44496 openshift-service-mesh/kiali-rhel9: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name (OSSM-14217)\n* CVE-2026-44486 openshift-service-mesh/kiali-ossmc-rhel9: Axios: Information disclosure of proxy credentials via HTTP redirects (OSSM-14189)\n* CVE-2026-44486 openshift-service-mesh/kiali-rhel9: Axios: Information disclosure of proxy credentials via HTTP redirects (OSSM-14221)\n* CVE-2026-44492 openshift-service-mesh/kiali-ossmc-rhel9: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization (OSSM-14228)\n* CVE-2026-44492 openshift-service-mesh/kiali-rhel9: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization (OSSM-14233)\n* CVE-2026-48779 openshift-service-mesh/kiali-rhel9: ws: Denial of Service via memory exhaustion from small WebSocket fragments (OSSM-14315)\n* CVE-2026-48779 openshift-service-mesh/kiali-ossmc-rhel9: ws: Denial of Service via memory exhaustion from small WebSocket fragments (OSSM-14313)\n* CVE-2026-12143 openshift-service-mesh/kiali-ossmc-rhel9: form-data: Form field override via CRLF injection (OSSM-14340)\n* CVE-2026-12143 openshift-service-mesh/kiali-rhel9: form-data: Form field override via CRLF injection (OSSM-14331)\n* CVE-2026-46625 openshift-service-mesh/kiali-ossmc-rhel9: JavaScript Cookie: Cookie attribute manipulation via prototype pollution (OSSM-14344)\n* CVE-2026-46625 openshift-service-mesh/kiali-rhel9: JavaScript Cookie: Cookie attribute manipulation via prototype pollution (OSSM-14345)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33183",
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-12143",
"url": "https://access.redhat.com/security/cve/CVE-2026-12143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42338",
"url": "https://access.redhat.com/security/cve/CVE-2026-42338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44486",
"url": "https://access.redhat.com/security/cve/CVE-2026-44486"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44487",
"url": "https://access.redhat.com/security/cve/CVE-2026-44487"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44488",
"url": "https://access.redhat.com/security/cve/CVE-2026-44488"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44492",
"url": "https://access.redhat.com/security/cve/CVE-2026-44492"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44494",
"url": "https://access.redhat.com/security/cve/CVE-2026-44494"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44495",
"url": "https://access.redhat.com/security/cve/CVE-2026-44495"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44496",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46625",
"url": "https://access.redhat.com/security/cve/CVE-2026-46625"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48779",
"url": "https://access.redhat.com/security/cve/CVE-2026-48779"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33183.json"
}
],
"title": "Red Hat Security Advisory: Kiali 2.22.6 for Red Hat OpenShift Service Mesh 3.3",
"tracking": {
"current_release_date": "2026-07-08T16:13:12+00:00",
"generator": {
"date": "2026-07-08T16:13:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:33183",
"initial_release_date": "2026-06-29T17:47:08+00:00",
"revision_history": [
{
"date": "2026-06-29T17:47:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-29T17:47:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-08T16:13:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.3",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1782201466"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-operator-bundle@sha256%3A69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-operator-bundle\u0026tag=1782295602"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3Aa9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator\u0026tag=1782231576"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1782231869"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1782201466"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator\u0026tag=1782231576"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Aea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1782231869"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Abea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1782201466"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator\u0026tag=1782231576"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1782231869"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Ab2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1782201466"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3Ae68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator\u0026tag=1782231576"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1782231869"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-12143",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-06-12T19:00:57.360953+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488480"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (\") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "form-data: form-data: Form field override via CRLF injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important impact flaw in the form-data library: a remote attacker can inject arbitrary headers or additional multipart parts via CRLF injection in field names or filenames, potentially overriding sensitive form fields and affecting data integrity.\n\nFor RHOAI and RHEL AI, severity is Moderate because affected versions appear only as a transitive npm dependency in RHOAI (dashboard, mod-arch plugins, MLflow UI) and RHEL AI 3.4 bootc images, and those products use fixed field names for uploads rather than passing untrusted user input as multipart field names or filenames. The documented exploit path is therefore not reachable in default deployments. Practical impact is limited to non-default or custom integrations that forward multipart requests using attacker-controlled field names.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-12143"
},
{
"category": "external",
"summary": "RHBZ#2488480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-12143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/93.html",
"url": "https://cwe.mitre.org/data/definitions/93.html"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435",
"url": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229",
"url": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045",
"url": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx",
"url": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx"
},
{
"category": "external",
"summary": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data",
"url": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/form-data",
"url": "https://www.npmjs.com/package/form-data"
}
],
"release_date": "2026-06-12T18:01:30.362000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "workaround",
"details": "Applications using the `form-data` library should implement strict input validation and sanitization for all field names and filenames derived from untrusted sources. This prevents the injection of control characters (CR, LF, \") that could lead to header injection or form field overrides. Deployments that exclusively use fixed or trusted field names are not impacted.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "form-data: form-data: Form field override via CRLF injection"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-42338",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-12T21:01:14.436876+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2476810"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ip-address, a JavaScript library for parsing and manipulating IPv4 and IPv6 addresses. This vulnerability allows a remote attacker to perform cross-site scripting (XSS) by providing untrusted input to the Address6 constructor. When an application renders the output of Address6.group(), Address6.link(), or the AddressError.parseMessage as HTML without proper escaping, the attacker-controlled content can be executed in the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in the `ip-address` JavaScript library is rated as Important. It allows for cross-site scripting (XSS) when an application processes untrusted input through the `Address6` constructor and subsequently renders the unescaped output of methods like `Address6.group()`, `Address6.link()`, or `AddressError.parseMessage` directly as HTML. While the library itself is affected, exploitation is contingent on specific application-level rendering practices that may not be common in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42338"
},
{
"category": "external",
"summary": "RHBZ#2476810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476810"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42338",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42338"
},
{
"category": "external",
"summary": "https://github.com/beaugunderson/ip-address/security/advisories/GHSA-v2v4-37r5-5v8g",
"url": "https://github.com/beaugunderson/ip-address/security/advisories/GHSA-v2v4-37r5-5v8g"
}
],
"release_date": "2026-05-12T19:43:16.470000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input"
},
{
"cve": "CVE-2026-44486",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-06-11T17:01:30.944384+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487947"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in the Axios Node.js HTTP adapter. Red Hat products utilizing Axios in a Node.js environment with an authenticated proxy and automatic redirects enabled are susceptible. The vulnerability arises when a request, initially sent through an authenticated proxy, is redirected to a target that no longer uses the proxy, potentially leaking `Proxy-Authorization` headers containing sensitive credentials to an untrusted remote server. This risk is heightened in deployments where applications interact with untrusted HTTP origins.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44486"
},
{
"category": "external",
"summary": "RHBZ#2487947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44486",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc",
"url": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc"
}
],
"release_date": "2026-06-11T15:39:07.714000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects"
},
{
"cve": "CVE-2026-44487",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-06-11T17:01:34.091476+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487948"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure of proxy credentials via redirect flows",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in Axios affecting Node.js environments. When an application uses Axios with an authenticated HTTP proxy and follows redirects from an HTTP to a non-proxied HTTPS destination, the Proxy-Authorization header may be inadvertently sent to the final origin server. This could lead to the exposure of sensitive proxy credentials to an unintended third party.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44487"
},
{
"category": "external",
"summary": "RHBZ#2487948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487948"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v",
"url": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v"
}
],
"release_date": "2026-06-11T15:38:25.150000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure of proxy credentials via redirect flows"
},
{
"cve": "CVE-2026-44488",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-11T17:01:36.836488+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Denial of Service due to unenforced request and response size limits",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A denial of service flaw was found in Axios, a JavaScript HTTP client library. This issue arises when applications utilize the `fetch` adapter, as configured request and response size limits are not properly enforced. A remote attacker could exploit this by sending or receiving excessively large data bodies, leading to resource exhaustion and potential denial of service in affected server-side applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44488"
},
{
"category": "external",
"summary": "RHBZ#2487949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf"
}
],
"release_date": "2026-06-11T15:37:38.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Denial of Service due to unenforced request and response size limits"
},
{
"cve": "CVE-2026-44492",
"cwe": {
"id": "CWE-289",
"name": "Authentication Bypass by Alternate Name"
},
"discovery_date": "2026-06-11T17:00:56.761751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487938"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Axios, a JavaScript HTTP client library, that allows for a proxy bypass. When a `NO_PROXY` environment variable is configured to prevent direct connections to specific IPv4 addresses, an attacker can craft a request URL using the IPv4-mapped IPv6 address format. This bypasses the intended `NO_PROXY` exclusion, routing the request through the configured proxy and potentially exposing internal services or sensitive information, such as cloud instance metadata credentials.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44492"
},
{
"category": "external",
"summary": "RHBZ#2487938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44492",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv"
}
],
"release_date": "2026-06-11T15:29:13.890000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization"
},
{
"cve": "CVE-2026-44494",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-11T17:01:12.945664+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to escalate any existing Object.prototype pollution in an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in the Axios library allows an attacker to escalate existing prototype pollution vulnerabilities within an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. By injecting a malicious proxy configuration into the `Object.prototype`, an attacker can intercept, read, and modify all HTTP traffic, including sensitive authentication credentials, without direct user interaction. This poses a significant risk to data confidentiality and integrity in Red Hat products that utilize the Axios library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44494"
},
{
"category": "external",
"summary": "RHBZ#2487942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44494",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44494"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh",
"url": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh"
}
],
"release_date": "2026-06-11T15:32:03.155000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution"
},
{
"cve": "CVE-2026-44495",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-11T17:00:53.999811+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487937"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure due to prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in Axios, a promise-based HTTP client, can lead to information disclosure, including credential theft and response hijacking, or denial of service. Exploitation requires a separate prototype pollution vulnerability in the same JavaScript process, allowing an attacker to control `Object.prototype.transformResponse`. Red Hat products using affected Axios versions are at risk if another component introduces such pollution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44495"
},
{
"category": "external",
"summary": "RHBZ#2487937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44495",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44495"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw"
}
],
"release_date": "2026-06-11T15:33:12.433000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure due to prototype pollution vulnerability"
},
{
"cve": "CVE-2026-44496",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-06-11T17:01:15.856386+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Axios can lead to a client-side Denial of Service. An attacker capable of influencing the XSRF cookie name within a browser environment could trigger excessive regular expression processing, causing the affected browser tab to freeze and degrade user availability. This issue specifically impacts browser-based applications and does not affect Node.js HTTP adapter usage, React Native, or web workers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "RHBZ#2487943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44496",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44496"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf"
}
],
"release_date": "2026-06-11T15:34:28.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name"
},
{
"cve": "CVE-2026-46625",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-10T22:01:17.685570+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in JavaScript Cookie (js-cookie). This vulnerability allows a remote attacker to manipulate cookie attributes by exploiting a prototype pollution issue within the `assign()` helper function. When processing specially crafted JSON input, the flaw enables an attacker to hijack the prototype of a cookie\u0027s attribute object. This allows the attacker to set sensitive cookie attributes such as `domain`, `secure`, `samesite`, `expires`, and `path`, potentially leading to security bypasses or session manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "js-cookie: JavaScript Cookie: Cookie attribute manipulation via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46625"
},
{
"category": "external",
"summary": "RHBZ#2487740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46625",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46625"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46625",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46625"
},
{
"category": "external",
"summary": "https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020",
"url": "https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020"
},
{
"category": "external",
"summary": "https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7",
"url": "https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7"
},
{
"category": "external",
"summary": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j",
"url": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j"
}
],
"release_date": "2026-06-10T21:18:05.372000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "js-cookie: JavaScript Cookie: Cookie attribute manipulation via prototype pollution"
},
{
"cve": "CVE-2026-48779",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-06-16T22:01:24.571224+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2489661"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ws, an open source WebSocket client and server. A remote attacker can exploit this memory exhaustion vulnerability by sending a high volume of exceptionally small fragments and data chunks. This action forces the affected component to allocate and hold structural wrappers that consume excessive memory. Consequently, this leads to process termination and a denial of service (DoS) for the remote peer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `ws` WebSocket library. A remote attacker can exploit this flaw by sending a high volume of small, fragmented data, leading to excessive memory consumption and subsequent process termination. This can result in service disruption for Red Hat products that utilize `ws` for WebSocket communication.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48779"
},
{
"category": "external",
"summary": "RHBZ#2489661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2489661"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48779"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/86d3e8a5fb0246ed373860c5fbb0de88824a27f7",
"url": "https://github.com/websockets/ws/commit/86d3e8a5fb0246ed373860c5fbb0de88824a27f7"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/b5372ac67bb97a773727b8e9f5035a8123556d53",
"url": "https://github.com/websockets/ws/commit/b5372ac67bb97a773727b8e9f5035a8123556d53"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94",
"url": "https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/fd36cd864fcdf62a08273a99e19a7d975401fee8",
"url": "https://github.com/websockets/ws/commit/fd36cd864fcdf62a08273a99e19a7d975401fee8"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/security/advisories/GHSA-96hv-2xvq-fx4p",
"url": "https://github.com/websockets/ws/security/advisories/GHSA-96hv-2xvq-fx4p"
}
],
"release_date": "2026-06-16T21:26:22.537000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T17:47:08+00:00",
"details": "See Kiali 2.22.6 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:69ba86f602d01541695b2ab5e5a9db8ea6c6062af70de40d9b75b3d9b67a8abd_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2031ccb4f6cc24c036fae7f291ecb59b05e6c0a49a0abfaea39eb444f7f7b6bc_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:50584bc28d045ff5db77e4973c70e59bae2f33a2cc87c400c17bd6eafd7466ba_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:577b284ce810c91c5f9a44f9be5aad96e77e0546f61b6dce376013c7ebf480be_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ea66e2eb93ef01b30b2f4758e043a5c4a889df27a26a63334549fca91a8abd4b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:64851d8db25a79dbab207e3b14599c7486f8bdc8fe0b16e6e614164228c2b405_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9a8266a9c08cc1df3374ec3d0431c52b10275923e19cb767ee7633f71307ef73_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:a9e71a818f5bb5afc979df2dd3d9cc6a32a624155bac4a7672789bd2da2394e2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:e68a0fd8f0a8ba0ccf8c0f973c7e739300a30169ad0def2eaa2fa944fc29ee4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:4c3c63c71a4a2c1f28827c1270a2f74f251097296e348f8191ec560b33e42943_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:6759b5f712098d890c6a5124fb513097050f70b54e7e3723df4e74a36a40c3f3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b2c57e67cd87fe061679de42f24c4d4d7ed7dbb0c07eb228db95b2eb6147d9f9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:bea80650e9959da730b4fcde63752caa549f98759d2dc16009e7f8f44a2501d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments"
}
]
}
RHSA-2026:36625
Vulnerability from csaf_redhat - Published: 2026-07-08 08:08 - Updated: 2026-07-08 16:15A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The Verify() method, responsible for FIDO/U2F security key types, did not properly check for user presence. This allowed signatures to be accepted without requiring a physical touch on the hardware security key. As a result, an attacker could potentially use a hardware security key in an unattended manner, bypassing a critical security control designed to ensure user intent.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could send specially crafted inputs to the AES-GCM packet decoder. This could lead to an incorrectly placed cast from bytes to an integer, causing a server-side panic and resulting in a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in JavaScript Cookie (js-cookie). This vulnerability allows a remote attacker to manipulate cookie attributes by exploiting a prototype pollution issue within the `assign()` helper function. When processing specially crafted JSON input, the flaw enables an attacker to hijack the prototype of a cookie's attribute object. This allows the attacker to set sensitive cookie attributes such as `domain`, `secure`, `samesite`, `expires`, and `path`, potentially leading to security bypasses or session manipulation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36625",
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-12143",
"url": "https://access.redhat.com/security/cve/CVE-2026-12143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25681",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39831",
"url": "https://access.redhat.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39832",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46597",
"url": "https://access.redhat.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46625",
"url": "https://access.redhat.com/security/cve/CVE-2026-46625"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-53488",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9165",
"url": "https://access.redhat.com/security/cve/CVE-2026-9165"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.10/html-single/release_notes/index#about-this-release-4105_release-notes-410",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.10/html-single/release_notes/index#about-this-release-4105_release-notes-410"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36625.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.10.5 security and bug fix update",
"tracking": {
"current_release_date": "2026-07-08T16:15:54+00:00",
"generator": {
"date": "2026-07-08T16:15:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:36625",
"initial_release_date": "2026-07-08T08:08:13+00:00",
"revision_history": [
{
"date": "2026-07-08T08:08:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-08T08:08:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-08T16:15:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782187369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-fact-rhel8@sha256%3A41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8\u0026tag=1782356145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Ac77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357140"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782187369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-fact-rhel8@sha256%3A1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8\u0026tag=1782356145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Afe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Aa0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ae7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ad048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357140"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782187369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ac5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Af4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ae723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357140"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Adc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Aafeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782187369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ac8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Af8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Aeba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357140"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Moritz Clasmeier"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-9165",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2026-05-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480505"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "stackrox: stackrox: Unbounded GraphQL query depth allows authenticated denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue affecting RHACS Central. This flaw allows an authenticated user to reduce availability of the Central management component. Red Hat is not aware of malicious exploitation of this issue outside of coordinated testing. Updates addressing this issue will be released according to the RHACS support lifecycle. Refer to the associated errata when available for affected versions and update instructions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9165"
},
{
"category": "external",
"summary": "RHBZ#2480505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480505"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9165"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9165",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9165"
}
],
"release_date": "2026-07-06T08:38:30.568000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "There is no complete mitigation other than installing the update once\navailable.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "stackrox: stackrox: Unbounded GraphQL query depth allows authenticated denial of service"
},
{
"cve": "CVE-2026-12143",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-06-12T19:00:57.360953+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488480"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (\") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "form-data: form-data: Form field override via CRLF injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important impact flaw in the form-data library: a remote attacker can inject arbitrary headers or additional multipart parts via CRLF injection in field names or filenames, potentially overriding sensitive form fields and affecting data integrity.\n\nFor RHOAI and RHEL AI, severity is Moderate because affected versions appear only as a transitive npm dependency in RHOAI (dashboard, mod-arch plugins, MLflow UI) and RHEL AI 3.4 bootc images, and those products use fixed field names for uploads rather than passing untrusted user input as multipart field names or filenames. The documented exploit path is therefore not reachable in default deployments. Practical impact is limited to non-default or custom integrations that forward multipart requests using attacker-controlled field names.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-12143"
},
{
"category": "external",
"summary": "RHBZ#2488480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-12143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/93.html",
"url": "https://cwe.mitre.org/data/definitions/93.html"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435",
"url": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229",
"url": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045",
"url": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx",
"url": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx"
},
{
"category": "external",
"summary": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data",
"url": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/form-data",
"url": "https://www.npmjs.com/package/form-data"
}
],
"release_date": "2026-06-12T18:01:30.362000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Applications using the `form-data` library should implement strict input validation and sanitization for all field names and filenames derived from untrusted sources. This prevents the injection of control characters (CR, LF, \") that could lead to header injection or form field overrides. Deployments that exclusively use fixed or trusted field names are not impacted.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "form-data: form-data: Form field override via CRLF injection"
},
{
"cve": "CVE-2026-25681",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-22T16:01:08.177603+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/net/html` could enable remote attackers to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution. The flaw allows specially crafted HTML to bypass input sanitization during parsing and rendering. Red Hat products are affected if they process untrusted HTML content using the vulnerable component without additional output encoding or robust content security policies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "RHBZ#2480761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://go.dev/cl/781703",
"url": "https://go.dev/cl/781703"
},
{
"category": "external",
"summary": "https://go.dev/issue/79574",
"url": "https://go.dev/issue/79574"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5029",
"url": "https://pkg.go.dev/vuln/GO-2026-5029"
}
],
"release_date": "2026-05-22T15:01:21.975000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "To mitigate this flaw, applications processing untrusted HTML input must implement strict input sanitization and ensure all output is properly encoded before rendering. Deploying a comprehensive Content Security Policy (CSP) can restrict script execution, further reducing the attack surface. Administrators should review application configurations to ensure adequate protection against XSS.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-39831",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-05-22T04:01:12.861178+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480675"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The Verify() method, responsible for FIDO/U2F security key types, did not properly check for user presence. This allowed signatures to be accepted without requiring a physical touch on the hardware security key. As a result, an attacker could potentially use a hardware security key in an unattended manner, bypassing a critical security control designed to ensure user intent.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Security key bypass due to missing user presence check",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "RHBZ#2480675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480675"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39831",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39831"
},
{
"category": "external",
"summary": "https://go.dev/cl/781662",
"url": "https://go.dev/cl/781662"
},
{
"category": "external",
"summary": "https://go.dev/issue/79566",
"url": "https://go.dev/issue/79566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5019",
"url": "https://pkg.go.dev/vuln/GO-2026-5019"
}
],
"release_date": "2026-05-22T02:31:27.436000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Security key bypass due to missing user presence check"
},
{
"cve": "CVE-2026-39832",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:41.402561+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480685"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/crypto/ssh/agent` allows for a security bypass when SSH keys with destination restrictions are forwarded via an SSH agent. This flaw could lead to unintended exposure of SSH keys, enabling an attacker to use the forwarded key without the specified restrictions on remote hosts. Red Hat products utilizing `golang.org/x/crypto/ssh/agent` for key forwarding may be affected if users rely on constraint extensions for limiting key usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "RHBZ#2480685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39832",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://go.dev/cl/778642",
"url": "https://go.dev/cl/778642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79435",
"url": "https://go.dev/issue/79435"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5006",
"url": "https://pkg.go.dev/vuln/GO-2026-5006"
}
],
"release_date": "2026-05-22T02:31:26.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
},
{
"cve": "CVE-2026-46597",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"discovery_date": "2026-05-22T04:01:21.721980+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480678"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could send specially crafted inputs to the AES-GCM packet decoder. This could lead to an incorrectly placed cast from bytes to an integer, causing a server-side panic and resulting in a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted AES-GCM packet decoder inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in `golang.org/x/crypto/ssh` allows a remote attacker to trigger a server-side panic by sending specially crafted inputs to the AES-GCM packet decoder. This vulnerability could lead to service unavailability in Red Hat products that incorporate and expose SSH services built with the affected `golang.org/x/crypto/ssh` component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "RHBZ#2480678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46597",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46597"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46597",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46597"
},
{
"category": "external",
"summary": "https://go.dev/cl/781620",
"url": "https://go.dev/cl/781620"
},
{
"category": "external",
"summary": "https://go.dev/issue/79561",
"url": "https://go.dev/issue/79561"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5013",
"url": "https://pkg.go.dev/vuln/GO-2026-5013"
}
],
"release_date": "2026-05-22T02:31:26.754000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted AES-GCM packet decoder inputs"
},
{
"cve": "CVE-2026-46625",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-10T22:01:17.685570+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in JavaScript Cookie (js-cookie). This vulnerability allows a remote attacker to manipulate cookie attributes by exploiting a prototype pollution issue within the `assign()` helper function. When processing specially crafted JSON input, the flaw enables an attacker to hijack the prototype of a cookie\u0027s attribute object. This allows the attacker to set sensitive cookie attributes such as `domain`, `secure`, `samesite`, `expires`, and `path`, potentially leading to security bypasses or session manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "js-cookie: JavaScript Cookie: Cookie attribute manipulation via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46625"
},
{
"category": "external",
"summary": "RHBZ#2487740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46625",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46625"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46625",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46625"
},
{
"category": "external",
"summary": "https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020",
"url": "https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020"
},
{
"category": "external",
"summary": "https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7",
"url": "https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7"
},
{
"category": "external",
"summary": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j",
"url": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j"
}
],
"release_date": "2026-06-10T21:18:05.372000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "js-cookie: JavaScript Cookie: Cookie attribute manipulation via prototype pollution"
},
{
"cve": "CVE-2026-53488",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-07-01T02:01:09.589815+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2495815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in containerd where the CRI plugin propagates labels from an image configuration (LABEL instruction in a Dockerfile) to a container without validation. This may result in executing an arbitrary command on the host via a plugin that consumes container labels for operations, such as the restart-monitor binary:// logger. An attacker who can cause a crafted container image to be pulled and run can achieve host-level code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "RHBZ#2495815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2495815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-53488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-53488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp"
}
],
"release_date": "2026-07-01T00:11:20.610000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Restrict container image pulls to trusted registries using admission policies or image signature verification. Where containerd is used as the container runtime, disable or restrict the binary:// logger URI scheme in the containerd configuration to prevent the label-to-logger attack path.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.