Action not permitted
Modal body text goes here.
Modal Title
Modal Body
Vulnerability from cleanstart
Published
2026-07-13 06:51
Modified
2026-06-05 11:34
Summary
Security fixes for CVE-2025-15558, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27145, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-40179, CVE-2026-42151, CVE-2026-42154, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, CVE-2026-42508, CVE-2026-44903, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-8rm2-7qqf-34qm, ghsa-fw8g-cg8f-9j28, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3, ghsa-vffh-x6r8-xx99, ghsa-wg65-39gg-5wfj applied in versions: 1.29.0-r0, 1.29.0-r1, 1.29.1-r0, 1.29.2-r0, 1.29.2-r1, 1.29.2-r2
Details
Multiple security vulnerabilities affect the istio package. These issues are resolved in later releases. See references for individual vulnerability details.
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "istio"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.29.2-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the istio package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-IT06487",
"modified": "2026-06-05T11:34:41Z",
"published": "2026-07-13T06:51:19.988501Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-IT06487.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25680"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27136"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27145"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35469"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39819"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39821"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39824"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39827"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39828"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39829"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39830"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39831"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39832"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39833"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39834"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39835"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-40179"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42151"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42154"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42499"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42501"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42502"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42504"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42506"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42507"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42508"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44903"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-46595"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-46597"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-46598"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8rm2-7qqf-34qm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw8g-cg8f-9j28"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p436-gjf2-799p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vffh-x6r8-xx99"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wg65-39gg-5wfj"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25680"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27136"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27145"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39819"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39824"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39827"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39831"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39833"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39834"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40179"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42501"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42502"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42504"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42506"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42507"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44903"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46597"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46598"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-15558, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27145, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-40179, CVE-2026-42151, CVE-2026-42154, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, CVE-2026-42508, CVE-2026-44903, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-8rm2-7qqf-34qm, ghsa-fw8g-cg8f-9j28, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3, ghsa-vffh-x6r8-xx99, ghsa-wg65-39gg-5wfj applied in versions: 1.29.0-r0, 1.29.0-r1, 1.29.1-r0, 1.29.2-r0, 1.29.2-r1, 1.29.2-r2",
"upstream": [
"CVE-2025-15558",
"CVE-2026-25680",
"CVE-2026-25681",
"CVE-2026-27136",
"CVE-2026-27145",
"CVE-2026-33186",
"CVE-2026-33811",
"CVE-2026-33814",
"CVE-2026-35469",
"CVE-2026-39817",
"CVE-2026-39819",
"CVE-2026-39820",
"CVE-2026-39821",
"CVE-2026-39823",
"CVE-2026-39824",
"CVE-2026-39825",
"CVE-2026-39826",
"CVE-2026-39827",
"CVE-2026-39828",
"CVE-2026-39829",
"CVE-2026-39830",
"CVE-2026-39831",
"CVE-2026-39832",
"CVE-2026-39833",
"CVE-2026-39834",
"CVE-2026-39835",
"CVE-2026-39836",
"CVE-2026-40179",
"CVE-2026-42151",
"CVE-2026-42154",
"CVE-2026-42499",
"CVE-2026-42501",
"CVE-2026-42502",
"CVE-2026-42504",
"CVE-2026-42506",
"CVE-2026-42507",
"CVE-2026-42508",
"CVE-2026-44903",
"CVE-2026-46595",
"CVE-2026-46597",
"CVE-2026-46598",
"ghsa-8rm2-7qqf-34qm",
"ghsa-fw8g-cg8f-9j28",
"ghsa-p436-gjf2-799p",
"ghsa-p77j-4mvh-x3m3",
"ghsa-vffh-x6r8-xx99",
"ghsa-wg65-39gg-5wfj"
]
}
CVE-2025-15558 (GCVE-0-2025-15558)
Vulnerability from cvelistv5 – Published: 2026-03-04 16:14 – Updated: 2026-07-15 01:26
VLAI
EPSS
VEX
Title
Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Summary
Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker CLI is executed as a privileged user.
This issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the github.com/docker/cli/cli-plugins/manager https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager package, such as Docker Compose.
This issue does not impact non-Windows binaries, and projects not using the plugin-manager code.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://docs.docker.com/desktop/release-notes/ | |
| https://www.zerodayinitiative.com/advisories/ZDI-… | third-party-advisory |
| https://github.com/docker/cli/pull/6713 | patch |
| https://access.redhat.com/security/cve/CVE-2025-15558 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2444574 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
Impacted products
29 products
| Vendor | Product | Version | |
|---|---|---|---|
| Docker | Docker CLI |
Unaffected:
29.2.0
(semver)
|
|
| Docker | Compose |
Unaffected:
5.1.0
(semver)
|
|
| Red Hat | Assisted Installer for Red Hat OpenShift Container Platform 2 |
cpe:/a:redhat:assisted_installer:2 |
|
| Red Hat | Builds for Red Hat OpenShift |
cpe:/a:redhat:openshift_builds:1 |
|
| Red Hat | Gatekeeper 3 |
cpe:/a:redhat:gatekeeper:3 |
|
| Red Hat | Kernel Module Management Operator for Red Hat Openshift |
cpe:/a:redhat:kernel_module_management:2 |
|
| Red Hat | Machine Deletion Remediation Operator |
cpe:/a:redhat:workload_availability_mdr:0 |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | Multicluster Global Hub |
cpe:/a:redhat:multicluster_globalhub |
|
| Red Hat | OpenShift Pipelines |
cpe:/a:redhat:openshift_pipelines:1 |
|
| Red Hat | OpenShift Serverless |
cpe:/a:redhat:serverless:1 |
|
| Red Hat | OpenShift Service Mesh 2 |
cpe:/a:redhat:service_mesh:2 |
|
| Red Hat | OpenShift Service Mesh 3 |
cpe:/a:redhat:service_mesh:3 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
|
| Red Hat | Red Hat Advanced Cluster Security 4 |
cpe:/a:redhat:advanced_cluster_security:4 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat OpenShift Dev Spaces |
cpe:/a:redhat:openshift_devspaces:3 |
|
| Red Hat | Red Hat OpenShift for Windows Containers |
cpe:/a:redhat:windows_machine_config |
|
| Red Hat | Red Hat OpenShift GitOps |
cpe:/a:redhat:openshift_gitops:1 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Red Hat OpenStack Platform 16.2 |
cpe:/a:redhat:openstack:16.2 |
|
| Red Hat | Red Hat OpenStack Platform 17.1 |
cpe:/a:redhat:openstack:17.1 |
|
| Red Hat | Red Hat OpenStack Platform 18.0 |
cpe:/a:redhat:openstack:18.0 |
|
| Red Hat | Red Hat Quay 3 |
cpe:/a:redhat:quay:3 |
|
| Red Hat | Red Hat Trusted Artifact Signer |
cpe:/a:redhat:trusted_artifact_signer:1 |
|
| Red Hat | Security Profiles Operator |
cpe:/a:redhat:openshift_security_profiles_operator:1 |
|
| Red Hat | Zero Trust Workload Identity Manager |
cpe:/a:redhat:zero_trust_workload_identity_manager:1 |
|
| Red Hat | Zero Trust Workload Identity Manager - Tech Preview |
cpe:/a:redhat:zero_trust_workload_identity_manager:0 |
Credits
Nitesh Surana (niteshsurana.com) of Trend Research of TrendAI
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15558",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T04:55:47.099Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:assisted_installer:2"
],
"defaultStatus": "unaffected",
"packageName": "assisted/agent-preinstall-image-builder-rhel9",
"product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_builds:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-builds/openshift-builds-controller-rhel9",
"product": "Builds for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_builds:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-builds/openshift-builds-git-cloner-rhel9",
"product": "Builds for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_builds:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-builds/openshift-builds-image-bundler-rhel9",
"product": "Builds for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_builds:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-builds/openshift-builds-image-processing-rhel9",
"product": "Builds for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_builds:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-builds/openshift-builds-waiters-rhel9",
"product": "Builds for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_builds:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-builds/openshift-builds-webhook-rhel9",
"product": "Builds for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:gatekeeper:3"
],
"defaultStatus": "unaffected",
"packageName": "gatekeeper/gatekeeper-rhel9",
"product": "Gatekeeper 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kernel_module_management:2"
],
"defaultStatus": "unaffected",
"packageName": "kmm/kernel-module-management-hub-operator-bundle",
"product": "Kernel Module Management Operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kernel_module_management:2"
],
"defaultStatus": "unaffected",
"packageName": "kmm/kernel-module-management-hub-rhel9-operator",
"product": "Kernel Module Management Operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kernel_module_management:2"
],
"defaultStatus": "unaffected",
"packageName": "kmm/kernel-module-management-must-gather-rhel9",
"product": "Kernel Module Management Operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kernel_module_management:2"
],
"defaultStatus": "unaffected",
"packageName": "kmm/kernel-module-management-operator-bundle",
"product": "Kernel Module Management Operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kernel_module_management:2"
],
"defaultStatus": "unaffected",
"packageName": "kmm/kernel-module-management-rhel9-operator",
"product": "Kernel Module Management Operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kernel_module_management:2"
],
"defaultStatus": "unaffected",
"packageName": "kmm/kernel-module-management-signing-rhel9",
"product": "Kernel Module Management Operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kernel_module_management:2"
],
"defaultStatus": "unaffected",
"packageName": "kmm/kernel-module-management-webhook-server-rhel9",
"product": "Kernel Module Management Operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kernel_module_management:2"
],
"defaultStatus": "unaffected",
"packageName": "kmm/kernel-module-management-worker-rhel9",
"product": "Kernel Module Management Operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_mdr:0"
],
"defaultStatus": "unaffected",
"packageName": "workload-availability/machine-deletion-remediation-operator-bundle",
"product": "Machine Deletion Remediation Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_mdr:0"
],
"defaultStatus": "unaffected",
"packageName": "workload-availability/machine-deletion-remediation-rhel9-operator",
"product": "Machine Deletion Remediation Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unaffected",
"packageName": "multicluster-engine/capoa-bootstrap-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unaffected",
"packageName": "multicluster-engine/capoa-control-plane-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_globalhub"
],
"defaultStatus": "unaffected",
"packageName": "multicluster-globalhub/multicluster-globalhub-grafana-rhel9",
"product": "Multicluster Global Hub",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-cache-rhel9",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-chains-controller-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-chains-controller-rhel9",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-cli-tkn-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-cli-tkn-rhel9",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-controller-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-controller-rhel9",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-entrypoint-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-events-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-hub-api-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-hub-db-migration-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-hub-ui-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-nop-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-opc-rhel9",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-operator-bundle",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-operator-proxy-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-operator-webhook-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-resolvers-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-resolvers-rhel9",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-results-api-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-results-watcher-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-results-watcher-rhel9",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-rhel8-operator",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-rhel9-operator",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-sidecarlogresults-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-sidecarlogresults-rhel9",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-webhook-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-pipelines/pipelines-workingdirinit-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-serverless-1/kn-client-kn-rhel9",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-serverless-1/kn-plugin-event-sender-rhel9",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-serverless-1/kn-plugin-func-func-util-rhel9",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-serverless-1/kn-serving-controller-rhel9",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/istio-cni-rhel8",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/istio-rhel8-operator",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/pilot-rhel8",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/proxyv2-rhel9",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/istio-cni-rhel9",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/istio-pilot-rhel9",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/istio-proxyv2-rhel9",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/istio-rhel9-operator",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/multicloud-integrations-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/multicluster-operators-channel-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/multicluster-operators-subscription-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/submariner-operator-bundle",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/submariner-rhel9-operator",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-rhel8-operator",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-model-registry-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/cnf-tests-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/frr-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/metallb-rhel8-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/metallb-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/metallb-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/oc-mirror-plugin-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/oc-mirror-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-agent-installer-api-server-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-agent-installer-api-server-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-agent-installer-csr-approver-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-agent-installer-csr-approver-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-agent-installer-node-agent-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-agent-installer-node-agent-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-agent-installer-orchestrator-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-agent-installer-orchestrator-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-console",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-console-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-helm-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-helm-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-olm-catalogd-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-olm-operator-controller-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-operator-framework-tools-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-operator-lifecycle-manager",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-operator-registry",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-operator-registry-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-operator-sdk-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-operator-sdk-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ztp-site-generate-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "redhat/redhat-operator-index",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "unaffected",
"packageName": "devspaces/traefik-rhel9",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "unaffected",
"packageName": "openshift4-wincw/windows-machine-config-operator-bundle",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "unaffected",
"packageName": "openshift4-wincw/windows-machine-config-rhel9-operator",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-gitops-1/argocd-rhel8",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-gitops-1/argocd-rhel9",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "unaffected",
"packageName": "rhosp-rhel8/osp-director-agent",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "unaffected",
"packageName": "rhosp-rhel8/osp-director-downloader",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "unaffected",
"packageName": "rhosp-rhel8/osp-director-operator",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "unaffected",
"packageName": "rhosp-rhel8/osp-director-operator-bundle",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "unaffected",
"packageName": "rhosp-rhel9/osp-director-operator-bundle",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "unaffected",
"packageName": "rhoso-operators/openstack-operator-bundle",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "unaffected",
"packageName": "rhoso-operators/openstack-rhel9-operator",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "unaffected",
"packageName": "rhoso-operators/rabbitmq-cluster-rhel9-operator",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "unaffected",
"packageName": "quay/clair-rhel8",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "unaffected",
"packageName": "quay/clair-rhel9",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/client-server-rhel9",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/cosign-rhel9",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/gitsign-rhel9",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/policy-controller-operator-bundle",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/policy-controller-rhel9",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/policy-controller-rhel9-operator",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/rhtas-console-rhel9",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/rhtas-operator-bundle",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/rhtas-rhel9-operator",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_security_profiles_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "compliance/openshift-security-profiles-operator-bundle",
"product": "Security Profiles Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_security_profiles_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "compliance/openshift-security-profiles-rhel8-operator",
"product": "Security Profiles Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "unaffected",
"packageName": "zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "unaffected",
"packageName": "zero-trust-workload-identity-manager/spiffe-spire-oidc-discovery-provider-rhel9",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "unaffected",
"packageName": "zero-trust-workload-identity-manager/spiffe-spire-server-rhel9",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "unaffected",
"packageName": "zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "unaffected",
"packageName": "zero-trust-workload-identity-manager/spiffe-spire-oidc-discovery-provider-rhel9",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "unaffected",
"packageName": "zero-trust-workload-identity-manager/spiffe-spire-server-rhel9",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "unaffected",
"packageName": "zero-trust-workload-identity-manager/zero-trust-workload-identity-manager-operator-bundle",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "unaffected",
"packageName": "zero-trust-workload-identity-manager/zero-trust-workload-identity-manager-rhel9",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
}
],
"datePublic": "2026-03-04T16:14:32.045Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Docker CLI for Windows. A low-privileged attacker can exploit this vulnerability by creating a specific directory, C:\\ProgramData\\Docker\\cli-plugins, which does not exist by default. By placing malicious plugin binaries in this directory, an attacker can achieve privilege escalation when a victim user opens Docker Desktop or uses Docker CLI plugin features, provided the Docker CLI is executed with elevated privileges."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T01:26:49.243Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-15558"
},
{
"name": "RHBZ#2444574",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444574"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15558.json"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-04T17:01:09.062Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-03-04T16:14:32.045Z",
"value": "Made public."
}
],
"title": "docker/cli: Docker CLI for Windows: Privilege escalation via malicious plugin binaries",
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows"
],
"product": "Docker CLI",
"vendor": "Docker",
"versions": [
{
"status": "unaffected",
"version": "29.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Compose",
"vendor": "Docker",
"versions": [
{
"status": "unaffected",
"version": "5.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nitesh Surana (niteshsurana.com) of Trend Research of TrendAI"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDocker CLI for Windows searches for plugin binaries in \u003ccode\u003eC:\\ProgramData\\Docker\\cli-plugins\u003c/code\u003e, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the \u003ccode\u003edocker\u003c/code\u003e\u0026nbsp;CLI is executed as a privileged user.\u003c/p\u003e\u003cp\u003eThis issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager\"\u003e\u003ccode\u003egithub.com/docker/cli/cli-plugins/manager\u003c/code\u003e\u003c/a\u003e\u0026nbsp;package, such as Docker Compose.\u003c/p\u003e\u003cp\u003eThis issue does not impact non-Windows binaries, and projects not using the plugin-manager code.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker\u00a0CLI is executed as a privileged user.\n\nThis issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the github.com/docker/cli/cli-plugins/manager https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager \u00a0package, such as Docker Compose.\n\nThis issue does not impact non-Windows binaries, and projects not using the plugin-manager code."
}
],
"impacts": [
{
"capecId": "CAPEC-38",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"
}
]
},
{
"capecId": "CAPEC-471",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-471 Search Order Hijacking"
}
]
},
{
"capecId": "CAPEC-640",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-640 Inclusion of Code in Existing Process"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T16:14:32.045Z",
"orgId": "686469e6-3ff6-451b-ab8b-cf5b9e89401e",
"shortName": "Docker"
},
"references": [
{
"url": "https://docs.docker.com/desktop/release-notes/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-28304/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/docker/cli/pull/6713"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "686469e6-3ff6-451b-ab8b-cf5b9e89401e",
"assignerShortName": "Docker",
"cveId": "CVE-2025-15558",
"datePublished": "2026-03-04T16:14:32.045Z",
"dateReserved": "2026-02-03T19:51:18.184Z",
"dateUpdated": "2026-07-15T01:26:49.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25680 (GCVE-0-2026-25680)
Vulnerability from cvelistv5 – Published: 2026-05-22 15:01 – Updated: 2026-05-22 17:00
VLAI
EPSS
VEX
Title
Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html
Summary
Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-407 - Inefficient Algorithmic Complexity
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/net | golang.org/x/net/html |
Affected:
0 , < 0.55.0
(semver)
|
Credits
IPC Labs
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-25680",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T17:00:30.926552Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T17:00:35.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/html",
"product": "golang.org/x/net/html",
"programRoutines": [
{
"name": "parser.parse"
},
{
"name": "Parse"
},
{
"name": "ParseFragment"
},
{
"name": "ParseFragmentWithOptions"
},
{
"name": "ParseWithOptions"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.55.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "IPC Labs"
}
],
"descriptions": [
{
"lang": "en",
"value": "Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-407: Inefficient Algorithmic Complexity",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T15:01:21.805Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/781702"
},
{
"url": "https://go.dev/issue/79573"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-5028"
}
],
"title": "Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-25680",
"datePublished": "2026-05-22T15:01:21.805Z",
"dateReserved": "2026-02-05T01:35:43.737Z",
"dateUpdated": "2026-05-22T17:00:35.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25681 (GCVE-0-2026-25681)
Vulnerability from cvelistv5 – Published: 2026-05-22 15:01 – Updated: 2026-05-22 17:46
VLAI
EPSS
VEX
Title
Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html
Summary
Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/net | golang.org/x/net/html |
Affected:
0 , < 0.55.0
(semver)
|
Credits
ensy
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-25681",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T17:46:00.775026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T17:46:20.366Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/html",
"product": "golang.org/x/net/html",
"programRoutines": [
{
"name": "parser.parse"
},
{
"name": "Parse"
},
{
"name": "ParseFragment"
},
{
"name": "ParseFragmentWithOptions"
},
{
"name": "ParseWithOptions"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.55.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ensy"
}
],
"descriptions": [
{
"lang": "en",
"value": "Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T15:01:21.975Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/79574"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"url": "https://go.dev/cl/781703"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-5029"
}
],
"title": "Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-25681",
"datePublished": "2026-05-22T15:01:21.975Z",
"dateReserved": "2026-02-05T01:35:43.738Z",
"dateUpdated": "2026-05-22T17:46:20.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27136 (GCVE-0-2026-27136)
Vulnerability from cvelistv5 – Published: 2026-05-22 15:01 – Updated: 2026-05-22 16:59
VLAI
EPSS
VEX
Title
Invoking duplicate attributes can cause XSS in golang.org/x/net/html
Summary
Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/net | golang.org/x/net/html |
Affected:
0 , < 0.55.0
(semver)
|
Credits
ensy
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-27136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T16:59:35.355098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T16:59:52.807Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/html",
"product": "golang.org/x/net/html",
"programRoutines": [
{
"name": "parser.parse"
},
{
"name": "Parse"
},
{
"name": "ParseFragment"
},
{
"name": "ParseFragmentWithOptions"
},
{
"name": "ParseWithOptions"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.55.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ensy"
}
],
"descriptions": [
{
"lang": "en",
"value": "Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T15:01:22.111Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/79575"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"url": "https://go.dev/cl/781685"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-5030"
}
],
"title": "Invoking duplicate attributes can cause XSS in golang.org/x/net/html"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-27136",
"datePublished": "2026-05-22T15:01:22.111Z",
"dateReserved": "2026-02-17T19:57:28.434Z",
"dateUpdated": "2026-05-22T16:59:52.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27145 (GCVE-0-2026-27145)
Vulnerability from cvelistv5 – Published: 2026-06-02 22:01 – Updated: 2026-07-15 02:46
VLAI
EPSS
VEX
Title
Inefficient candidate hostname parsing in crypto/x509
Summary
(*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number of SAN entries multiplied by the hostname's label count. Because x509.Verify validates hostnames before building the certificate chain, this overhead occurred even for untrusted certificates.
Severity
6.5 (Medium)
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
17 references
| URL | Tags |
|---|---|
| https://go.dev/cl/783621 | |
| https://go.dev/issue/79694 | |
| https://groups.google.com/g/golang-announce/c/tKs… | |
| https://pkg.go.dev/vuln/GO-2026-5037 | |
| https://access.redhat.com/security/cve/CVE-2026-27145 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2484207 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:35832 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34357 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:39005 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:38995 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:29981 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34359 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36317 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33574 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36648 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36797 | vendor-advisoryx_refsource_REDHAT |
Impacted products
84 products
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | crypto/x509 |
Affected:
0 , < 1.25.11
(semver)
Affected: 1.26.0-0 , < 1.26.4 (semver) |
|
| Red Hat | Red Hat Enterprise Linux 10 |
Unaffected:
0:0.152.1-1.el10_2 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
Unaffected:
0:0.9.27-7.el10_2.2 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
Unaffected:
1:0.3.8-6.el10_2 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
8100020260710105056.a3795dee , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:1.26.4-1.el9_8 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:0.152.1-1.el9_8 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
2:1.22.2-7.el9_8 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Developer Hub 1.9 |
Unaffected:
1782767215 , < *
(rpm)
cpe:/a:redhat:rhdh:1.9::el9 |
|
| Red Hat | Red Hat OpenShift Builds 1.7.4 |
Unaffected:
1783057868 , < *
(rpm)
cpe:/a:redhat:openshift_builds:1.7::el9 |
|
| Red Hat | Red Hat Trusted Artifact Signer 1.4 |
Unaffected:
4-1.4.2 , < *
(rpm)
cpe:/a:redhat:trusted_artifact_signer:1.4::el9 |
|
| Red Hat | Assisted Installer for Red Hat OpenShift Container Platform 2 |
cpe:/a:redhat:assisted_installer:2 |
|
| Red Hat | cert-manager Operator for Red Hat OpenShift |
cpe:/a:redhat:cert_manager:1 |
|
| Red Hat | Compliance Operator |
cpe:/a:redhat:openshift_compliance_operator:1 |
|
| Red Hat | Confidential Compute Attestation |
cpe:/a:redhat:confidential_compute_attestation:1 |
|
| Red Hat | Cryostat 4 |
cpe:/a:redhat:cryostat:4 |
|
| Red Hat | Custom Metric Autoscaler operator for Red Hat Openshift |
cpe:/a:redhat:openshift_custom_metrics_autoscaler:2 |
|
| Red Hat | Deployment Validation Operator |
cpe:/a:redhat:deployment_validator_operator |
|
| Red Hat | External Secrets Operator for Red Hat OpenShift |
cpe:/a:redhat:external_secrets_operator:1 |
|
| Red Hat | Fence Agents Remediation Operator |
cpe:/a:redhat:workload_availability_far:0 |
|
| Red Hat | File Integrity Operator |
cpe:/a:redhat:openshift_file_integrity_operator:1 |
|
| Red Hat | Gatekeeper 3 |
cpe:/a:redhat:gatekeeper:3 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift |
cpe:/a:redhat:logging:6 |
|
| Red Hat | Logical Volume Manager Storage |
cpe:/a:redhat:lvms:4 |
|
| Red Hat | Machine Deletion Remediation Operator |
cpe:/a:redhat:workload_availability_mdr:0 |
|
| Red Hat | Migration Toolkit for Applications 8 |
cpe:/a:redhat:migration_toolkit_applications:8 |
|
| Red Hat | Migration Toolkit for Containers |
cpe:/a:redhat:rhmt:1 |
|
| Red Hat | mirror registry for Red Hat OpenShift 2 |
cpe:/a:redhat:mirror_registry:2 |
|
| Red Hat | Multiarch Tuning Operator |
cpe:/a:redhat:multiarch_tuning_operator |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | Multicluster Global Hub |
cpe:/a:redhat:multicluster_globalhub |
|
| Red Hat | Network Observability Operator |
cpe:/a:redhat:network_observ_optr:1 |
|
| Red Hat | Node HealthCheck Operator |
cpe:/a:redhat:workload_availability_nhc:0 |
|
| Red Hat | OpenShift API for Data Protection |
cpe:/a:redhat:openshift_api_data_protection:1 |
|
| Red Hat | OpenShift Developer Tools and Services |
cpe:/a:redhat:ocp_tools |
|
| Red Hat | OpenShift Lightspeed |
cpe:/a:redhat:openshift_lightspeed |
|
| Red Hat | OpenShift Pipelines |
cpe:/a:redhat:openshift_pipelines:1 |
|
| Red Hat | OpenShift Serverless |
cpe:/a:redhat:serverless:1 |
|
| Red Hat | OpenShift Service Mesh 2 |
cpe:/a:redhat:service_mesh:2 |
|
| Red Hat | OpenShift Service Mesh 3 |
cpe:/a:redhat:service_mesh:3 |
|
| Red Hat | OpenShift Source-to-Image (S2I) |
cpe:/a:redhat:source_to_image:1 |
|
| Red Hat | Power monitoring for Red Hat OpenShift |
cpe:/a:redhat:openshift_power_monitoring |
|
| Red Hat | Red Hat 3scale API Management Platform 2 |
cpe:/a:redhat:red_hat_3scale_amp:2 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
|
| Red Hat | Red Hat Advanced Cluster Security 4 |
cpe:/a:redhat:advanced_cluster_security:4 |
|
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat Ceph Storage 5 |
cpe:/a:redhat:ceph_storage:5 |
|
| Red Hat | Red Hat Ceph Storage 6 |
cpe:/a:redhat:ceph_storage:6 |
|
| Red Hat | Red Hat Ceph Storage 7 |
cpe:/a:redhat:ceph_storage:7 |
|
| Red Hat | Red Hat Ceph Storage 8 |
cpe:/a:redhat:ceph_storage:8 |
|
| Red Hat | Red Hat Ceph Storage 9 |
cpe:/a:redhat:ceph_storage:9 |
|
| Red Hat | Red Hat Connectivity Link 1 |
cpe:/a:redhat:connectivity_link:1 |
|
| Red Hat | Red Hat Edge Manager 1 |
cpe:/a:redhat:edge_manager:1 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux AI (RHEL AI) 3 |
cpe:/a:redhat:enterprise_linux_ai:3 |
|
| Red Hat | Red Hat Hardened Images |
cpe:/a:redhat:hummingbird:1 |
|
| Red Hat | Red Hat Lightspeed for Runtimes Operator |
cpe:/a:redhat:lightspeed_for_runtimes:1 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift Cluster Manager CLI |
cpe:/a:redhat:openshift_cluster_manager_cli:1 |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat Openshift Data Foundation 4 |
cpe:/a:redhat:openshift_data_foundation:4 |
|
| Red Hat | Red Hat OpenShift Dev Spaces |
cpe:/a:redhat:openshift_devspaces:3 |
|
| Red Hat | Red Hat OpenShift Dev Workspaces Operator |
cpe:/a:redhat:devworkspace |
|
| Red Hat | Red Hat OpenShift distributed tracing 3 |
cpe:/a:redhat:openshift_distributed_tracing:3 |
|
| Red Hat | Red Hat OpenShift for Windows Containers |
cpe:/a:redhat:windows_machine_config |
|
| Red Hat | Red Hat OpenShift GitOps |
cpe:/a:redhat:openshift_gitops:1 |
|
| Red Hat | Red Hat OpenShift on AWS |
cpe:/a:redhat:openshift_service_on_aws:1 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Red Hat OpenStack Platform 16.2 |
cpe:/a:redhat:openstack:16.2 |
|
| Red Hat | Red Hat OpenStack Platform 17.1 |
cpe:/a:redhat:openstack:17.1 |
|
| Red Hat | Red Hat OpenStack Platform 18.0 |
cpe:/a:redhat:openstack:18.0 |
|
| Red Hat | Red Hat Quay 3 |
cpe:/a:redhat:quay:3 |
|
| Red Hat | Red Hat Satellite 6 |
cpe:/a:redhat:satellite:6 |
|
| Red Hat | Red Hat Service Interconnect 2 |
cpe:/a:redhat:service_interconnect:2 |
|
| Red Hat | Red Hat Web Terminal |
cpe:/a:redhat:webterminal:1 |
|
| Red Hat | Security Profiles Operator |
cpe:/a:redhat:openshift_security_profiles_operator:1 |
|
| Red Hat | Service Telemetry Framework 1.5 |
cpe:/a:redhat:stf:1.5 |
|
| Red Hat | streams for Apache Kafka 2 |
cpe:/a:redhat:amq_streams:2 |
|
| Red Hat | streams for Apache Kafka 3 |
cpe:/a:redhat:amq_streams:3 |
|
| Red Hat | Zero Trust Workload Identity Manager |
cpe:/a:redhat:zero_trust_workload_identity_manager:1 |
|
| Red Hat | Zero Trust Workload Identity Manager - Tech Preview |
cpe:/a:redhat:zero_trust_workload_identity_manager:0 |
Credits
Jakub Ciolek - https://ciolek.dev/
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-27145",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:34:03.859208Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:34:53.136Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"packageName": "opentelemetry-collector",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.152.1-1.el10_2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"packageName": "golang-github-openprinting-ipp-usb",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.9.27-7.el10_2.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"packageName": "rhc",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:0.3.8-6.el10_2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "go-toolset:rhel8",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8100020260710105056.a3795dee",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "golang",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.26.4-1.el9_8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "opentelemetry-collector",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.152.1-1.el9_8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "skopeo",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:1.22.2-7.el9_8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhdh:1.9::el9"
],
"defaultStatus": "affected",
"packageName": "rhdh/rhdh-rhel9-operator",
"product": "Red Hat Developer Hub 1.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782767215",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_builds:1.7::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-builds/openshift-builds-waiters-rhel9",
"product": "Red Hat OpenShift Builds 1.7.4",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783057868",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.4::el9"
],
"defaultStatus": "affected",
"packageName": "conforma-cli-stack-v1",
"product": "Red Hat Trusted Artifact Signer 1.4",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4-1.4.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:assisted_installer:2"
],
"defaultStatus": "affected",
"packageName": "rhai/assisted-installer-rhel9",
"product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"packageName": "cert-manager/jetstack-cert-manager-rhel9",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_compliance_operator:1"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-compliance-operator-bundle",
"product": "Compliance Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "unaffected",
"packageName": "build-of-trustee/trustee-rhel9-operator",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "affected",
"packageName": "openshift-sandboxed-containers/osc-monitor-rhel9",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "unaffected",
"packageName": "cryostat/cryostat-storage-rhel9",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
],
"defaultStatus": "unaffected",
"packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9",
"product": "Custom Metric Autoscaler operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:deployment_validator_operator"
],
"defaultStatus": "affected",
"packageName": "dvo/deployment-validation-rhel8-operator",
"product": "Deployment Validation Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "affected",
"packageName": "external-secrets-operator/external-secrets-rhel9",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_far:0"
],
"defaultStatus": "affected",
"packageName": "workload-availability/fence-agents-remediation-rhel8-operator",
"product": "Fence Agents Remediation Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_file_integrity_operator:1"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-compliance-operator-bundle",
"product": "File Integrity Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:gatekeeper:3"
],
"defaultStatus": "unaffected",
"packageName": "gatekeeper/gatekeeper-rhel9-operator",
"product": "Gatekeeper 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:6"
],
"defaultStatus": "unaffected",
"packageName": "openshift-logging/eventrouter-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "unaffected",
"packageName": "lvms4/lvms-rhel9-operator",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "unaffected",
"packageName": "lvms4/topolvm-rhel8",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "unaffected",
"packageName": "lvms4/topolvm-rhel9",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_mdr:0"
],
"defaultStatus": "affected",
"packageName": "workload-availability/machine-deletion-remediation-rhel8-operator",
"product": "Machine Deletion Remediation Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:migration_toolkit_applications:8"
],
"defaultStatus": "unaffected",
"packageName": "mta/mta-cli-rhel9",
"product": "Migration Toolkit for Applications 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhmt:1"
],
"defaultStatus": "affected",
"packageName": "rhmtc/openshift-migration-registry-rhel8",
"product": "Migration Toolkit for Containers",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:mirror_registry:2"
],
"defaultStatus": "unaffected",
"packageName": "openshift/mirror-registry-rhel8",
"product": "mirror registry for Red Hat OpenShift 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multiarch_tuning_operator"
],
"defaultStatus": "affected",
"packageName": "multiarch-tuning/multiarch-tuning-rhel9-operator",
"product": "Multiarch Tuning Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/addon-manager-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/assisted-service-9-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/backplane-rhel9-operator",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/clusterclaims-controller-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/cluster-curator-controller-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/cluster-image-set-controller-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/clusterlifecycle-state-metrics-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unaffected",
"packageName": "multicluster-engine/discovery-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/hive-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/hypershift-addon-rhel9-operator",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/kube-rbac-proxy-mce-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/maestro-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/managedcluster-import-controller-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/multicloud-manager-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/placement-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/provider-credential-controller-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/registration-operator-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/registration-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/work-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_globalhub"
],
"defaultStatus": "affected",
"packageName": "multicluster-globalhub/multicluster-globalhub-agent-rhel9",
"product": "Multicluster Global Hub",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:network_observ_optr:1"
],
"defaultStatus": "affected",
"packageName": "network-observability/network-observability-cli-rhel9",
"product": "Network Observability Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "affected",
"packageName": "node-healthcheck-operator-tech-preview/node-healthcheck-operator-rhel8",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "affected",
"packageName": "node-healthcheck-operator-tech-preview/node-healthcheck-rhel8-operator",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "affected",
"packageName": "workload-availability/node-healthcheck-rhel8-operator",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1"
],
"defaultStatus": "unknown",
"packageName": "oadp/oadp-velero-rhel9",
"product": "OpenShift API for Data Protection",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ocp_tools"
],
"defaultStatus": "unaffected",
"packageName": "helm",
"product": "OpenShift Developer Tools and Services",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"packageName": "openshift-lightspeed/lightspeed-rhel9-operator",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines-client",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-scheduler-rhel9",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "unaffected",
"packageName": "kn-workflow-plugin",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-serverless-1/kn-plugin-event-sender-rhel9",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-serverless-1/logic-rhel9-operator",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-clients",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/kiali-rhel8",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"packageName": "rh-osbs/openshift-golang-builder",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/kiali-rhel9",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "affected",
"packageName": "rh-osbs/openshift-golang-builder",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:source_to_image:1"
],
"defaultStatus": "affected",
"packageName": "source-to-image/source-to-image-rhel8",
"product": "OpenShift Source-to-Image (S2I)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_power_monitoring"
],
"defaultStatus": "affected",
"packageName": "openshift-power-monitoring/kepler-rhel9",
"product": "Power monitoring for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "unaffected",
"packageName": "3scale-amp2/3scale-rhel7-operator",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"packageName": "3scale-amp2/3scale-rhel9-operator",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/acm-cli-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/acm-cluster-permission-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/acm-governance-policy-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/acm-governance-policy-framework-addon-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/acm-volsync-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/cert-policy-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/config-policy-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/governance-policy-propagator-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/insights-client-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/insights-metrics-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/klusterlet-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/kube-rbac-proxy-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/multicloud-integrations-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/multiclusterhub-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/multicluster-observability-rhel9-operator",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/multicluster-operators-application-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/multicluster-operators-channel-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/multicluster-operators-subscription-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"packageName": "rhacm2/subctl-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/thanos-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-main-rhel9",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "ansible-automation-platform-26/receptor-rhel9",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-27/receptor-rhel9",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "ansible-automation-platform/platform-operator-bundle",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-gateway-proxy",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-gateway-proxy-openssl30",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-gateway-proxy-openssl32",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3.11-galaxy-ng",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3.11-grpcio",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3.12-galaxy-ng",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3.12-grpcio",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3x-grpcio",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python-grpcio",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "receptor",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:5"
],
"defaultStatus": "affected",
"packageName": "rhceph/snmp-notifier-rhel8",
"product": "Red Hat Ceph Storage 5",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:6"
],
"defaultStatus": "affected",
"packageName": "rhceph/snmp-notifier-rhel9",
"product": "Red Hat Ceph Storage 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:7"
],
"defaultStatus": "unaffected",
"packageName": "rhceph/grafana-rhel9",
"product": "Red Hat Ceph Storage 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:8"
],
"defaultStatus": "unaffected",
"packageName": "rhceph/grafana-rhel9",
"product": "Red Hat Ceph Storage 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:9"
],
"defaultStatus": "unaffected",
"packageName": "rhceph/alloy-rhel10",
"product": "Red Hat Ceph Storage 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:connectivity_link:1"
],
"defaultStatus": "affected",
"packageName": "rhcl-1/authorino-rhel9",
"product": "Red Hat Connectivity Link 1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:connectivity_link:1"
],
"defaultStatus": "affected",
"packageName": "rhcl-1/coredns-rhel9",
"product": "Red Hat Connectivity Link 1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:1"
],
"defaultStatus": "affected",
"packageName": "flightctl",
"product": "Red Hat Edge Manager 1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:1"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-ui-rhel9",
"product": "Red Hat Edge Manager 1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "butane",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "conmon",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "delve",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "git-lfs",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "go-fdo-client",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "go-fdo-server",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "golang",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "grafana-pcp",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "gvisor-tap-vsock",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "ignition",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "image-builder",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "osbuild-composer",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "rhc-worker-playbook",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "rhel10/bootc-image-builder",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "rhel10-eus/rhel-10.0-bootc-image-builder",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "skopeo",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "toolbox",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "trustee",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "trustee-guest-components",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "yggdrasil",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "host-metering",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "rhc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "rhc-worker-script",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "container-tools:rhel8/buildah",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "container-tools:rhel8/conmon",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "container-tools:rhel8/containernetworking-plugins",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "container-tools:rhel8/podman",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "container-tools:rhel8/runc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "container-tools:rhel8/skopeo",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "container-tools:rhel8/toolbox",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "git-lfs",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "grafana-pcp",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "osbuild-composer",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "rhc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "weldr-client",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "butane",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "conmon",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "containernetworking-plugins",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "git-lfs",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "grafana-pcp",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "gvisor-tap-vsock",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "ignition",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "image-builder",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "osbuild-composer",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "rhc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "rhel9/bootc-image-builder",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "rhel9-eus/rhel-9.6-bootc-image-builder",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "runc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "toolbox",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "trustee-guest-components",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "weldr-client",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "affected",
"packageName": "golang",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"packageName": "golang1.25",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"packageName": "golang1.26",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lightspeed_for_runtimes:1"
],
"defaultStatus": "affected",
"packageName": "rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator",
"product": "Red Hat Lightspeed for Runtimes Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-rhel8-operator",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-rhel9-operator",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/rhai-cli-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_cluster_manager_cli:1"
],
"defaultStatus": "affected",
"packageName": "ocm-cli-clients/ocm-cli-rhel9",
"product": "Red Hat OpenShift Cluster Manager CLI",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "butane",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "conmon",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "conmon-rs",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "containernetworking-plugins",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "cri-o",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "cri-tools",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "golang-github-prometheus-promu",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "ignition",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "kata-containers",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "microshift",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/frr-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-cli",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unknown",
"packageName": "openshift4/ose-hypershift-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift-clients",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift-kuryr",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "ose-aws-ecr-image-credential-provider",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "ose-azure-acr-image-credential-provider",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "ose-crio-credential-provider",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "ose-gcp-gcr-image-credential-provider",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "rh-osbs/openshift-golang-builder",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "runc",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "skopeo",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "unaffected",
"packageName": "odf4/cephcsi-rhel9",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "unaffected",
"packageName": "devspaces/udi-rhel9",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:devworkspace"
],
"defaultStatus": "affected",
"packageName": "devworkspace/devworkspace-rhel9-operator",
"product": "Red Hat OpenShift Dev Workspaces Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "unaffected",
"packageName": "rhosdt/tempo-rhel9",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "unaffected",
"packageName": "openshift4-wincw/windows-machine-config-rhel9-operator",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-gitops-1/dex-rhel8",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-gitops-1/dex-rhel9",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_service_on_aws:1"
],
"defaultStatus": "affected",
"packageName": "rosa",
"product": "Red Hat OpenShift on AWS",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/kubevirt-apiserver-proxy-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/kubevirt-redfish-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "kubevirt",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "rh-osbs/openshift-golang-builder",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "unaffected",
"packageName": "etcd",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "affected",
"packageName": "golang-github-infrawatch-apputils",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "affected",
"packageName": "rhosp-rhel8/osp-director-agent",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "affected",
"packageName": "collectd-libpod-stats",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "unaffected",
"packageName": "etcd",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "affected",
"packageName": "golang-github-infrawatch-apputils",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "affected",
"packageName": "rhosp-rhel9/osp-director-agent",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "affected",
"packageName": "golang-github-openstack-k8s-operators-os-diff",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "affected",
"packageName": "rhoso-operators/sg-core-rhel9",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "unaffected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "unaffected",
"packageName": "quay/quay-rhel9",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"packageName": "satellite:el8/yggdrasil-worker-forwarder",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"packageName": "satellite/iop-vmaas-rhel9",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"packageName": "yggdrasil-worker-forwarder",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_interconnect:2"
],
"defaultStatus": "unaffected",
"packageName": "skupper-cli",
"product": "Red Hat Service Interconnect 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:webterminal:1"
],
"defaultStatus": "affected",
"packageName": "web-terminal/web-terminal-exec-rhel9",
"product": "Red Hat Web Terminal",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_security_profiles_operator:1"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-selinuxd-rhel8",
"product": "Security Profiles Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:stf:1.5"
],
"defaultStatus": "unaffected",
"packageName": "stf/sg-core-rhel9",
"product": "Service Telemetry Framework 1.5",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:amq_streams:2"
],
"defaultStatus": "affected",
"packageName": "golang-github-danielqsj-kafka_exporter",
"product": "streams for Apache Kafka 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:amq_streams:3"
],
"defaultStatus": "affected",
"packageName": "golang-github-danielqsj-kafka_exporter",
"product": "streams for Apache Kafka 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "affected",
"packageName": "zero-trust-workload-identity-manager/spiffe-csi-driver-rhel9",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "affected",
"packageName": "zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
}
],
"datePublic": "2026-06-02T22:01:36.954Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the `crypto/x509` package of `golang`. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name (SAN) entries. The certificate verification process, specifically the `VerifyHostname` function, incurs excessive computational overhead due to repeated string operations when processing these entries. This can lead to a significant performance degradation or unresponsiveness of systems validating such certificates."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-606",
"description": "Unchecked Input for Loop Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T02:46:04.951Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-27145"
},
{
"name": "RHBZ#2484207",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2484207"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27145.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:35832"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34357"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:39005"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:38995"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29981"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34359"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36317"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:35832: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:34357: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:39005: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:38995: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:29981: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:34359: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:36317: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:33574: Red Hat Developer Hub 1.9"
},
{
"lang": "en",
"value": "RHSA-2026:36648: Red Hat OpenShift Builds 1.7.4"
},
{
"lang": "en",
"value": "RHSA-2026:36797: Red Hat Trusted Artifact Signer 1.4"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-02T23:01:08.992Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-06-02T22:01:36.954Z",
"value": "Made public."
}
],
"title": "crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries",
"workarounds": [
{
"lang": "en",
"value": "A flaw was found in the Go standard library crypto/x509 package. When verifying a TLS certificate hostname, VerifyHostname processed each DNS Subject Alternative Name (SAN) entry in a loop and repeatedly split the candidate hostname on \".\" characters. For certificates with a very large DNS SAN list, CPU use could grow quadratically with the number of SAN entries and hostname labels. Because hostname verification runs before the certificate chain is built, this overhead can occur even when the certificate is not trusted.\n\nRed Hat rates this issue as Important. It affects Red Hat products that include the Go standard library crypto/x509 code from an affected Go toolchain version (before Go 1.25.11, or from Go 1.26.0 through Go 1.26.3). Applications and container images built with a fixed Go release (1.25.11 or later, or 1.26.4 or later) are not affected. Community distributions such as Fedora are also affected.\n\nUpstream fix: Go 1.25.11 and Go 1.26.4 (GO-2026-5037)."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "crypto/x509",
"product": "crypto/x509",
"programRoutines": [
{
"name": "HostnameError.Error"
},
{
"name": "matchHostnames"
},
{
"name": "Certificate.Verify"
},
{
"name": "Certificate.VerifyHostname"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.25.11",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.4",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jakub Ciolek - https://ciolek.dev/"
}
],
"descriptions": [
{
"lang": "en",
"value": "(*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, \".\") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number of SAN entries multiplied by the hostname\u0027s label count. Because x509.Verify validates hostnames before building the certificate chain, this overhead occurred even for untrusted certificates."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-407: Inefficient Algorithmic Complexity",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T22:01:36.954Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/783621"
},
{
"url": "https://go.dev/issue/79694"
},
{
"url": "https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-5037"
}
],
"title": "Inefficient candidate hostname parsing in crypto/x509"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-27145",
"datePublished": "2026-06-02T22:01:36.954Z",
"dateReserved": "2026-02-17T19:57:28.435Z",
"dateUpdated": "2026-07-15T02:46:04.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-33186 (GCVE-0-2026-33186)
Vulnerability from cvelistv5 – Published: 2026-03-20 22:23 – Updated: 2026-07-15 02:50
VLAI
EPSS
VEX
Title
gRPC-Go has an authorization bypass via missing leading slash in :path
Summary
gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, "deny" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback "allow" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific "deny" rules for canonical paths but allows other requests by default (a fallback "allow" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-285 - Improper Authorization
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/grpc/grpc-go/security/advisori… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33186",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-24T18:08:38.989284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T18:09:13.422Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-07-15T02:50:21.321Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"x_generator": {
"engine": "cvelib 1.8.0"
}
}
],
"cna": {
"affected": [
{
"product": "grpc-go",
"vendor": "grpc",
"versions": [
{
"status": "affected",
"version": "\u003c 1.79.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T22:23:32.147Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"source": {
"advisory": "GHSA-p77j-4mvh-x3m3",
"discovery": "UNKNOWN"
},
"title": "gRPC-Go has an authorization bypass via missing leading slash in :path"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-33186",
"datePublished": "2026-03-20T22:23:32.147Z",
"dateReserved": "2026-03-17T22:16:36.720Z",
"dateUpdated": "2026-07-15T02:50:21.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-33811 (GCVE-0-2026-33811)
Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-07-15 02:46
VLAI
EPSS
VEX
Title
Crash when handling long CNAME response in net
Summary
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
34 references
| URL | Tags |
|---|---|
| https://go.dev/issue/78803 | |
| https://go.dev/cl/767860 | |
| https://groups.google.com/g/golang-announce/c/qcC… | |
| https://pkg.go.dev/vuln/GO-2026-4981 | |
| https://access.redhat.com/security/cve/CVE-2026-33811 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467822 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:36796 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:39272 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:35832 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34357 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:38504 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:39266 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36776 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:39319 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36617 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34359 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34364 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36625 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36207 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36319 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33574 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36651 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:23262 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:23264 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36648 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:35994 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:35993 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:35995 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33123 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33142 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33150 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33120 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36797 | vendor-advisoryx_refsource_REDHAT |
Impacted products
111 products
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | net |
Affected:
0 , < 1.25.10
(semver)
Affected: 1.26.0-0 , < 1.26.3 (semver) |
|
| Red Hat | Red Hat Enterprise Linux 10 |
Unaffected:
0:0.152.1-1.el10_2 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
Unaffected:
0:0.9.27-7.el10_2.2 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
Unaffected:
0:3.7.1-5.el10_2.6 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
1:0.2.5-8.el8_10 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
8100020260709093628.afee755d , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
0:3.4.1-12.el8_10 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:0.152.1-1.el9_8 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:1.2.11-2.el9_8 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:3.7.1-4.el9_8.2 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9 |
|
| Red Hat | RHEM 1.0 for RHEL 9 |
Unaffected:
0:1.0.3-1.el9em , < *
(rpm)
cpe:/a:redhat:edge_manager:1.0::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift 6.4 |
Unaffected:
1782408807 , < *
(rpm)
cpe:/a:redhat:logging:6.4::el9 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.10 |
Unaffected:
1783357140 , < *
(rpm)
cpe:/a:redhat:advanced_cluster_security:4.10::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.11 |
Unaffected:
1783352589 , < *
(rpm)
cpe:/a:redhat:advanced_cluster_security:4.11::el9 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.9 |
Unaffected:
1783357116 , < *
(rpm)
cpe:/a:redhat:advanced_cluster_security:4.9::el8 |
|
| Red Hat | Red Hat Developer Hub 1.9 |
Unaffected:
1782767215 , < *
(rpm)
cpe:/a:redhat:rhdh:1.9::el9 |
|
| Red Hat | Red Hat Edge Manager 1.0 |
Unaffected:
1783502438 , < *
(rpm)
cpe:/a:redhat:edge_manager:1.0::el9 |
|
| Red Hat | Red Hat Hardened Images |
Unaffected:
1.25.11-2.hum1 , < *
(rpm)
cpe:/a:redhat:hummingbird:1 |
|
| Red Hat | Red Hat Hardened Images |
Unaffected:
1.26.4-2.hum1 , < *
(rpm)
cpe:/a:redhat:hummingbird:1 |
|
| Red Hat | Red Hat OpenShift Builds 1.7.4 |
Unaffected:
1783057868 , < *
(rpm)
cpe:/a:redhat:openshift_builds:1.7::el9 |
|
| Red Hat | Red Hat OpenShift GitOps 1.19 |
Unaffected:
1782292352 , < *
(rpm)
cpe:/a:redhat:openshift_gitops:1.19::el8 |
|
| Red Hat | Red Hat OpenShift GitOps 1.20 |
Unaffected:
1782383826 , < *
(rpm)
cpe:/a:redhat:openshift_gitops:1.20::el9 |
|
| Red Hat | Red Hat OpenShift GitOps 1.21 |
Unaffected:
1782910941 , < *
(rpm)
cpe:/a:redhat:openshift_gitops:1.21::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1782222217 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1782223341 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1782296193 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1782222607 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1782222163 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1782223138 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1782222394 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1782222451 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1782226178 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1782224487 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1782303211 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1782224541 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.3 |
Unaffected:
1782223045 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.3::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.3 |
Unaffected:
1782222366 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.3::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.3 |
Unaffected:
1782310747 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.3::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.3 |
Unaffected:
1782222038 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.3::el9 |
|
| Red Hat | Red Hat Trusted Artifact Signer 1.4 |
Unaffected:
4-1.4.2 , < *
(rpm)
cpe:/a:redhat:trusted_artifact_signer:1.4::el9 |
|
| Red Hat | Assisted Installer for Red Hat OpenShift Container Platform 2 |
cpe:/a:redhat:assisted_installer:2 |
|
| Red Hat | cert-manager Operator for Red Hat OpenShift |
cpe:/a:redhat:cert_manager:1 |
|
| Red Hat | Compliance Operator |
cpe:/a:redhat:openshift_compliance_operator:1 |
|
| Red Hat | Confidential Compute Attestation |
cpe:/a:redhat:confidential_compute_attestation:1 |
|
| Red Hat | Cryostat 4 |
cpe:/a:redhat:cryostat:4 |
|
| Red Hat | Custom Metric Autoscaler operator for Red Hat Openshift |
cpe:/a:redhat:openshift_custom_metrics_autoscaler:2 |
|
| Red Hat | Deployment Validation Operator |
cpe:/a:redhat:deployment_validator_operator |
|
| Red Hat | External Secrets Operator for Red Hat OpenShift |
cpe:/a:redhat:external_secrets_operator:1 |
|
| Red Hat | Fence Agents Remediation Operator |
cpe:/a:redhat:workload_availability_far:0 |
|
| Red Hat | File Integrity Operator |
cpe:/a:redhat:openshift_file_integrity_operator:1 |
|
| Red Hat | Gatekeeper 3 |
cpe:/a:redhat:gatekeeper:3 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift |
cpe:/a:redhat:logging:6 |
|
| Red Hat | Logical Volume Manager Storage |
cpe:/a:redhat:lvms:4 |
|
| Red Hat | Machine Deletion Remediation Operator |
cpe:/a:redhat:workload_availability_mdr:0 |
|
| Red Hat | Migration Toolkit for Applications 8 |
cpe:/a:redhat:migration_toolkit_applications:8 |
|
| Red Hat | Migration Toolkit for Containers |
cpe:/a:redhat:rhmt:1 |
|
| Red Hat | mirror registry for Red Hat OpenShift |
cpe:/a:redhat:mirror_registry:1 |
|
| Red Hat | mirror registry for Red Hat OpenShift 2 |
cpe:/a:redhat:mirror_registry:2 |
|
| Red Hat | Multiarch Tuning Operator |
cpe:/a:redhat:multiarch_tuning_operator |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | Multicluster Global Hub |
cpe:/a:redhat:multicluster_globalhub |
|
| Red Hat | Network Observability Operator |
cpe:/a:redhat:network_observ_optr:1 |
|
| Red Hat | Node HealthCheck Operator |
cpe:/a:redhat:workload_availability_nhc:0 |
|
| Red Hat | OpenShift API for Data Protection |
cpe:/a:redhat:openshift_api_data_protection:1 |
|
| Red Hat | OpenShift Developer Tools and Services |
cpe:/a:redhat:ocp_tools |
|
| Red Hat | OpenShift Lightspeed |
cpe:/a:redhat:openshift_lightspeed |
|
| Red Hat | OpenShift Pipelines |
cpe:/a:redhat:openshift_pipelines:1 |
|
| Red Hat | OpenShift Serverless |
cpe:/a:redhat:serverless:1 |
|
| Red Hat | OpenShift Service Mesh 2 |
cpe:/a:redhat:service_mesh:2 |
|
| Red Hat | OpenShift Service Mesh 3 |
cpe:/a:redhat:service_mesh:3 |
|
| Red Hat | OpenShift Source-to-Image (S2I) |
cpe:/a:redhat:source_to_image:1 |
|
| Red Hat | Power monitoring for Red Hat OpenShift |
cpe:/a:redhat:openshift_power_monitoring |
|
| Red Hat | Red Hat 3scale API Management Platform 2 |
cpe:/a:redhat:red_hat_3scale_amp:2 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
|
| Red Hat | Red Hat AMQ Clients |
cpe:/a:redhat:amq_clients:2023 |
|
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat build of Apicurio Registry 2 |
cpe:/a:redhat:service_registry:2 |
|
| Red Hat | Red Hat Ceph Storage 5 |
cpe:/a:redhat:ceph_storage:5 |
|
| Red Hat | Red Hat Ceph Storage 6 |
cpe:/a:redhat:ceph_storage:6 |
|
| Red Hat | Red Hat Ceph Storage 9 |
cpe:/a:redhat:ceph_storage:9 |
|
| Red Hat | Red Hat Certification Program for Red Hat Enterprise Linux 9 |
cpe:/a:redhat:certifications:9 |
|
| Red Hat | Red Hat Connectivity Link 1 |
cpe:/a:redhat:connectivity_link:1 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux AI (RHEL AI) 3 |
cpe:/a:redhat:enterprise_linux_ai:3 |
|
| Red Hat | Red Hat Lightspeed for Runtimes Operator |
cpe:/a:redhat:lightspeed_for_runtimes:1 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift Cluster Manager CLI |
cpe:/a:redhat:openshift_cluster_manager_cli:1 |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat Openshift Data Foundation 4 |
cpe:/a:redhat:openshift_data_foundation:4 |
|
| Red Hat | Red Hat OpenShift Dev Spaces |
cpe:/a:redhat:openshift_devspaces:3 |
|
| Red Hat | Red Hat OpenShift Dev Workspaces Operator |
cpe:/a:redhat:devworkspace |
|
| Red Hat | Red Hat OpenShift distributed tracing 3 |
cpe:/a:redhat:openshift_distributed_tracing:3 |
|
| Red Hat | Red Hat OpenShift for Windows Containers |
cpe:/a:redhat:windows_machine_config |
|
| Red Hat | Red Hat OpenShift on AWS |
cpe:/a:redhat:openshift_service_on_aws:1 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Red Hat OpenStack Platform 16.2 |
cpe:/a:redhat:openstack:16.2 |
|
| Red Hat | Red Hat OpenStack Platform 17.1 |
cpe:/a:redhat:openstack:17.1 |
|
| Red Hat | Red Hat OpenStack Platform 18.0 |
cpe:/a:redhat:openstack:18.0 |
|
| Red Hat | Red Hat Quay 3 |
cpe:/a:redhat:quay:3 |
|
| Red Hat | Red Hat Satellite 6 |
cpe:/a:redhat:satellite:6 |
|
| Red Hat | Red Hat Service Interconnect 1 |
cpe:/a:redhat:service_interconnect:1 |
|
| Red Hat | Red Hat Service Interconnect 2 |
cpe:/a:redhat:service_interconnect:2 |
|
| Red Hat | Red Hat Web Terminal |
cpe:/a:redhat:webterminal:1 |
|
| Red Hat | Security Profiles Operator |
cpe:/a:redhat:openshift_security_profiles_operator:1 |
|
| Red Hat | Service Telemetry Framework 1.5 |
cpe:/a:redhat:stf:1.5 |
|
| Red Hat | streams for Apache Kafka 3 |
cpe:/a:redhat:amq_streams:3 |
|
| Red Hat | Zero Trust Workload Identity Manager |
cpe:/a:redhat:zero_trust_workload_identity_manager:1 |
|
| Red Hat | Zero Trust Workload Identity Manager - Tech Preview |
cpe:/a:redhat:zero_trust_workload_identity_manager:0 |
Credits
hamayanhamayan
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-33811",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-08T14:25:39.702568Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T14:25:43.896Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"packageName": "opentelemetry-collector",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.152.1-1.el10_2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"packageName": "golang-github-openprinting-ipp-usb",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.9.27-7.el10_2.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"packageName": "git-lfs",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.1-5.el10_2.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "rhc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:0.2.5-8.el8_10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "container-tools:rhel8",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8100020260709093628.afee755d",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "git-lfs",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.4.1-12.el8_10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "opentelemetry-collector",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.152.1-1.el9_8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "oci-seccomp-bpf-hook",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.2.11-2.el9_8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "git-lfs",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.1-4.el9_8.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:1.0::el9"
],
"defaultStatus": "affected",
"packageName": "flightctl",
"product": "RHEM 1.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0.3-1.el9em",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:6.4::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/eventrouter-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift 6.4",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782408807",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.10::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783357140",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.11::el9"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-main-rhel9",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.11",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783352589",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783357116",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhdh:1.9::el9"
],
"defaultStatus": "affected",
"packageName": "rhdh/rhdh-rhel9-operator",
"product": "Red Hat Developer Hub 1.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782767215",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:edge_manager:1.0::el9"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-ui-rhel9",
"product": "Red Hat Edge Manager 1.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783502438",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"packageName": "golang1-25-main",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.25.11-2.hum1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"packageName": "golang1-26-main",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.26.4-2.hum1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_builds:1.7::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-builds/openshift-builds-waiters-rhel9",
"product": "Red Hat OpenShift Builds 1.7.4",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783057868",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1.19::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-gitops-1/dex-rhel8",
"product": "Red Hat OpenShift GitOps 1.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782292352",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1.20::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-gitops-1/dex-rhel9",
"product": "Red Hat OpenShift GitOps 1.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782383826",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1.21::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-gitops-1/dex-rhel9",
"product": "Red Hat OpenShift GitOps 1.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782910941",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-cni-rhel9",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222217",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-pilot-rhel9",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782223341",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-proxyv2-rhel9",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782296193",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-rhel9-operator",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222607",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-cni-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222163",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-pilot-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782223138",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-proxyv2-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222394",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-rhel9-operator",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222451",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-cni-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782226178",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-pilot-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782224487",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-proxyv2-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782303211",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-rhel9-operator",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782224541",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-cni-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782223045",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-pilot-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222366",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-proxyv2-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782310747",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-rhel9-operator",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222038",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.4::el9"
],
"defaultStatus": "affected",
"packageName": "conforma-cli-stack-v1",
"product": "Red Hat Trusted Artifact Signer 1.4",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4-1.4.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:assisted_installer:2"
],
"defaultStatus": "affected",
"packageName": "rhai/assisted-installer-rhel9",
"product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"packageName": "cert-manager/jetstack-cert-manager-rhel9",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_compliance_operator:1"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-compliance-operator-bundle",
"product": "Compliance Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "affected",
"packageName": "build-of-trustee/trustee-rhel9-operator",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "affected",
"packageName": "confidential-compute-attestation-tech-preview/trustee-rhel9-operator",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "affected",
"packageName": "openshift-sandboxed-containers/osc-monitor-rhel9",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "affected",
"packageName": "cryostat/cryostat-storage-rhel9",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
],
"defaultStatus": "unaffected",
"packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9",
"product": "Custom Metric Autoscaler operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:deployment_validator_operator"
],
"defaultStatus": "affected",
"packageName": "dvo/deployment-validation-rhel8-operator",
"product": "Deployment Validation Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "affected",
"packageName": "external-secrets-operator/external-secrets-rhel9",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_far:0"
],
"defaultStatus": "affected",
"packageName": "workload-availability/fence-agents-remediation-rhel8-operator",
"product": "Fence Agents Remediation Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_file_integrity_operator:1"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-compliance-operator-bundle",
"product": "File Integrity Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:gatekeeper:3"
],
"defaultStatus": "affected",
"packageName": "gatekeeper/gatekeeper-rhel9-operator",
"product": "Gatekeeper 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:6"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/logging-loki-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "affected",
"packageName": "lvms4/lvms-rhel9-operator",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "affected",
"packageName": "lvms4/topolvm-rhel8",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "affected",
"packageName": "lvms4/topolvm-rhel9",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_mdr:0"
],
"defaultStatus": "affected",
"packageName": "workload-availability/machine-deletion-remediation-rhel8-operator",
"product": "Machine Deletion Remediation Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:migration_toolkit_applications:8"
],
"defaultStatus": "affected",
"packageName": "mta/mta-cli-rhel9",
"product": "Migration Toolkit for Applications 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhmt:1"
],
"defaultStatus": "affected",
"packageName": "rhmtc/openshift-migration-registry-rhel8",
"product": "Migration Toolkit for Containers",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:mirror_registry:1"
],
"defaultStatus": "affected",
"packageName": "openshift/mirror-registry-rhel8",
"product": "mirror registry for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:mirror_registry:2"
],
"defaultStatus": "affected",
"packageName": "openshift/mirror-registry-rhel8",
"product": "mirror registry for Red Hat OpenShift 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multiarch_tuning_operator"
],
"defaultStatus": "affected",
"packageName": "multiarch-tuning/multiarch-tuning-rhel9-operator",
"product": "Multiarch Tuning Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/addon-manager-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/backplane-rhel9-operator",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/clusterlifecycle-state-metrics-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/discovery-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/hypershift-addon-rhel9-operator",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/maestro-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/managedcluster-import-controller-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/multicloud-manager-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/placement-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/registration-operator-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/work-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_globalhub"
],
"defaultStatus": "affected",
"packageName": "multicluster-globalhub/multicluster-globalhub-agent-rhel8",
"product": "Multicluster Global Hub",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_globalhub"
],
"defaultStatus": "affected",
"packageName": "multicluster-globalhub/multicluster-globalhub-agent-rhel9",
"product": "Multicluster Global Hub",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:network_observ_optr:1"
],
"defaultStatus": "affected",
"packageName": "network-observability/network-observability-cli-rhel9",
"product": "Network Observability Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "affected",
"packageName": "node-healthcheck-operator-tech-preview/node-healthcheck-operator-rhel8",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "affected",
"packageName": "node-healthcheck-operator-tech-preview/node-healthcheck-rhel8-operator",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "affected",
"packageName": "workload-availability/node-healthcheck-rhel8-operator",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1"
],
"defaultStatus": "unknown",
"packageName": "oadp/oadp-velero-rhel9",
"product": "OpenShift API for Data Protection",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ocp_tools"
],
"defaultStatus": "affected",
"packageName": "helm",
"product": "OpenShift Developer Tools and Services",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"packageName": "openshift-lightspeed/lightspeed-rhel9-operator",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines-client",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"packageName": "kn-workflow-plugin",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-1/kn-plugin-event-sender-rhel9",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"packageName": "openshift-serverless-clients",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"packageName": "openshift-golang-builder-container",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/kiali-rhel8",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/kiali-rhel9",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:source_to_image:1"
],
"defaultStatus": "affected",
"packageName": "source-to-image/source-to-image-rhel8",
"product": "OpenShift Source-to-Image (S2I)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_power_monitoring"
],
"defaultStatus": "affected",
"packageName": "openshift-power-monitoring/kepler-rhel9",
"product": "Power monitoring for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "unaffected",
"packageName": "3scale-amp2/3scale-rhel7-operator",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "unaffected",
"packageName": "3scale-amp2/3scale-rhel9-operator",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/acm-governance-policy-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/acm-governance-policy-framework-addon-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/config-policy-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/governance-policy-propagator-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/klusterlet-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"packageName": "rhacm2/subctl-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:amq_clients:2023"
],
"defaultStatus": "unaffected",
"packageName": "python39-qpid-proton",
"product": "Red Hat AMQ Clients",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:amq_clients:2023"
],
"defaultStatus": "unaffected",
"packageName": "qpid-proton",
"product": "Red Hat AMQ Clients",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-26/receptor-rhel9",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "ansible-automation-platform/platform-operator-bundle",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "automation-gateway-proxy",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-gateway-proxy-openssl30",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-gateway-proxy-openssl32",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3.11-galaxy-ng",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3.11-grpcio",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3.12-galaxy-ng",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3.12-grpcio",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3x-grpcio",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python-grpcio",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "receptor",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "affected",
"packageName": "apicurio/apicurio-registry-rhel8-operator",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "affected",
"packageName": "apicurio/apicurio-registry-rhel9-operator",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:5"
],
"defaultStatus": "affected",
"packageName": "rhceph/snmp-notifier-rhel8",
"product": "Red Hat Ceph Storage 5",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:6"
],
"defaultStatus": "affected",
"packageName": "rhceph/snmp-notifier-rhel9",
"product": "Red Hat Ceph Storage 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:9"
],
"defaultStatus": "affected",
"packageName": "rhceph/alloy-rhel10",
"product": "Red Hat Ceph Storage 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:certifications:9"
],
"defaultStatus": "affected",
"packageName": "redhat-certification-preflight",
"product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:connectivity_link:1"
],
"defaultStatus": "affected",
"packageName": "rhcl-1/rhcl-operator-bundle",
"product": "Red Hat Connectivity Link 1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "butane",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "conmon",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "delve",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "go-fdo-client",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "go-fdo-server",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "golang",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "gpsd",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "grafana-pcp",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "gvisor-tap-vsock",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "image-builder",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "oci-seccomp-bpf-hook",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "rhc",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "rhc-worker-playbook",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "rhel10/bootc-image-builder",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "rhel10-eus/rhel-10.0-bootc-image-builder",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "skopeo",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "toolbox",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "trustee",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "trustee-guest-components",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "yggdrasil",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "yggdrasil-worker-package-manager",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "host-metering",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "rhc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "rhc-worker-script",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "go-toolset:rhel8/golang",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "grafana-pcp",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "weldr-client",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "butane",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "conmon",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "containernetworking-plugins",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "golang",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "gpsd-minimal",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "grafana-pcp",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "gvisor-tap-vsock",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "image-builder",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "rhc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "rhel9/bootc-image-builder",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "rhel9-eus/rhel-9.6-bootc-image-builder",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "runc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "skopeo",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "toolbox",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "trustee-guest-components",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "weldr-client",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "affected",
"packageName": "golang",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lightspeed_for_runtimes:1"
],
"defaultStatus": "affected",
"packageName": "rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator",
"product": "Red Hat Lightspeed for Runtimes Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ai-gateway-payload-processing-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-codeflare-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-data-science-pipelines-operator-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-feast-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kf-notebook-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kserve-llmisvc-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kube-auth-proxy-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kuberay-operator-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kueue-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llama-stack-k8s-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llm-d-batch-gateway-apiserver-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llm-d-batch-gateway-gc-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llm-d-batch-gateway-processor-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llm-d-inference-scheduler-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llm-d-routing-sidecar-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-maas-api-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mlflow-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ml-pipelines-api-server-v2-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ml-pipelines-driver-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ml-pipelines-launcher-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mm-rest-proxy-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-automl-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-autorag-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-mod-arch-eval-hub-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-gen-ai-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-maas-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-mlflow-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-model-registry-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-model-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-modelmesh-runtime-adapter-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-modelmesh-serving-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-model-registry-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-model-registry-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-model-serving-api-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-notebook-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-rhaii-cluster-validator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-rhel8-operator",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-rhel9-operator",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-trainer-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-training-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-trustyai-service-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workload-variant-autoscaler-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/rhai-cli-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_cluster_manager_cli:1"
],
"defaultStatus": "affected",
"packageName": "ocm-cli-clients/ocm-cli-rhel9",
"product": "Red Hat OpenShift Cluster Manager CLI",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "butane",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "conmon",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "conmon-rs",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "containernetworking-plugins",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "cri-tools",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "golang-github-prometheus-promu",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "kata-containers",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/frr-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unknown",
"packageName": "openshift4/ose-hypershift-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-node",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sdn-rhel7",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sdn-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sdn-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift-clients",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift-golang-builder-container",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "ose-aws-ecr-image-credential-provider",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "ose-azure-acr-image-credential-provider",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "ose-gcp-gcr-image-credential-provider",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "runc",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "skopeo",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "unaffected",
"packageName": "ocs4/cephcsi-rhel8",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "unaffected",
"packageName": "odf4/cephcsi-rhel8",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "unaffected",
"packageName": "odf4/cephcsi-rhel9",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "affected",
"packageName": "devspaces/udi-rhel9",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:devworkspace"
],
"defaultStatus": "affected",
"packageName": "devworkspace/devworkspace-rhel9-operator",
"product": "Red Hat OpenShift Dev Workspaces Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "affected",
"packageName": "rhosdt/tempo-rhel9",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "affected",
"packageName": "openshift4-wincw/windows-machine-config-rhel9-operator",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_service_on_aws:1"
],
"defaultStatus": "affected",
"packageName": "rosa",
"product": "Red Hat OpenShift on AWS",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/kubevirt-apiserver-proxy-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/virt-api-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "kubevirt",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "openshift-golang-builder-container",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "affected",
"packageName": "etcd",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "affected",
"packageName": "golang-github-infrawatch-apputils",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "affected",
"packageName": "golang-qpid-apache",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "unaffected",
"packageName": "qpid-proton",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "affected",
"packageName": "rhosp-rhel8/osp-director-agent",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "affected",
"packageName": "collectd-libpod-stats",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "affected",
"packageName": "etcd",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "affected",
"packageName": "golang-github-infrawatch-apputils",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "affected",
"packageName": "golang-qpid-apache",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "unaffected",
"packageName": "qpid-proton",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "affected",
"packageName": "rhosp-rhel9/osp-director-agent",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "affected",
"packageName": "golang-github-openstack-k8s-operators-os-diff",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "affected",
"packageName": "rhoso-operators/sg-core-rhel9",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel9",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"packageName": "satellite:el8/yggdrasil-worker-forwarder",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"packageName": "satellite/iop-vmaas-rhel9",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"packageName": "yggdrasil-worker-forwarder",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_interconnect:1"
],
"defaultStatus": "affected",
"packageName": "qpid-proton",
"product": "Red Hat Service Interconnect 1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_interconnect:1"
],
"defaultStatus": "unaffected",
"packageName": "skupper-cli",
"product": "Red Hat Service Interconnect 1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_interconnect:2"
],
"defaultStatus": "affected",
"packageName": "qpid-proton",
"product": "Red Hat Service Interconnect 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_interconnect:2"
],
"defaultStatus": "unaffected",
"packageName": "skupper-cli",
"product": "Red Hat Service Interconnect 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_interconnect:2"
],
"defaultStatus": "affected",
"packageName": "skupper-router",
"product": "Red Hat Service Interconnect 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:webterminal:1"
],
"defaultStatus": "affected",
"packageName": "web-terminal/web-terminal-exec-rhel9",
"product": "Red Hat Web Terminal",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_security_profiles_operator:1"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-selinuxd-rhel8",
"product": "Security Profiles Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:stf:1.5"
],
"defaultStatus": "affected",
"packageName": "stf/sg-core-rhel9",
"product": "Service Telemetry Framework 1.5",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:amq_streams:3"
],
"defaultStatus": "affected",
"packageName": "golang-github-danielqsj-kafka_exporter",
"product": "streams for Apache Kafka 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "affected",
"packageName": "zero-trust-workload-identity-manager/spiffe-csi-driver-rhel9",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "affected",
"packageName": "zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-07T19:41:19.285Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1341",
"description": "Multiple Releases of Same Resource or Handle",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T02:46:17.605Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"name": "RHBZ#2467822",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33811.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:39272"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:35832"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34357"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:38504"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:39266"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36776"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:39319"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36617"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34359"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23262"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23264"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:35994"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:35993"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:35995"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33142"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33150"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:36796: RHEM 1.0 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:39272: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:35832: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:34357: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:38504: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:39266: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:36776: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:39319: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:36617: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:34359: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:34364: Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"lang": "en",
"value": "RHSA-2026:36625: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:36207: Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"lang": "en",
"value": "RHSA-2026:36319: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:33574: Red Hat Developer Hub 1.9"
},
{
"lang": "en",
"value": "RHSA-2026:36651: Red Hat Edge Manager 1.0"
},
{
"lang": "en",
"value": "RHSA-2026:23262: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:23264: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:36648: Red Hat OpenShift Builds 1.7.4"
},
{
"lang": "en",
"value": "RHSA-2026:35994: Red Hat OpenShift GitOps 1.19"
},
{
"lang": "en",
"value": "RHSA-2026:35993: Red Hat OpenShift GitOps 1.20"
},
{
"lang": "en",
"value": "RHSA-2026:35995: Red Hat OpenShift GitOps 1.21"
},
{
"lang": "en",
"value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3"
},
{
"lang": "en",
"value": "RHSA-2026:36797: Red Hat Trusted Artifact Signer 1.4"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-07T20:01:34.913Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-07T19:41:19.285Z",
"value": "Made public."
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"workarounds": [
{
"lang": "en",
"value": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net",
"product": "net",
"programRoutines": [
{
"name": "cgoResSearch"
},
{
"name": "LookupCNAME"
},
{
"name": "Resolver.LookupCNAME"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.25.10",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.3",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "hamayanhamayan"
}
],
"descriptions": [
{
"lang": "en",
"value": "When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-415: Double Free",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T19:41:19.285Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/78803"
},
{
"url": "https://go.dev/cl/767860"
},
{
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"title": "Crash when handling long CNAME response in net"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-33811",
"datePublished": "2026-05-07T19:41:19.285Z",
"dateReserved": "2026-03-23T20:35:32.814Z",
"dateUpdated": "2026-07-15T02:46:17.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-33814 (GCVE-0-2026-33814)
Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-07-15 02:45
VLAI
EPSS
VEX
Title
Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
Summary
When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
16 references
| URL | Tags |
|---|---|
| https://go.dev/cl/761581 | |
| https://go.dev/cl/761640 | |
| https://go.dev/issue/78476 | |
| https://groups.google.com/g/golang-announce/c/qcC… | |
| https://pkg.go.dev/vuln/GO-2026-4918 | |
| https://access.redhat.com/security/cve/CVE-2026-33814 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467815 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:34342 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:23262 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:23264 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33123 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33142 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33150 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33120 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:37387 | vendor-advisoryx_refsource_REDHAT |
Impacted products
67 products
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/net | golang.org/x/net/http2 |
Affected:
0 , < 0.53.0
(semver)
|
|
| Go standard library | net/http |
Affected:
0 , < 1.25.10
(semver)
Affected: 1.26.0-0 , < 1.26.3 (semver) |
|
| Red Hat | Cluster Observability Operator 1.5.0 |
Unaffected:
1782840519 , < *
(rpm)
cpe:/a:redhat:cluster_observability_operator:1.5::el9 |
|
| Red Hat | Cluster Observability Operator 1.5.0 |
Unaffected:
1782839981 , < *
(rpm)
cpe:/a:redhat:cluster_observability_operator:1.5::el9 |
|
| Red Hat | Cluster Observability Operator 1.5.0 |
Unaffected:
1782839193 , < *
(rpm)
cpe:/a:redhat:cluster_observability_operator:1.5::el9 |
|
| Red Hat | Cluster Observability Operator 1.5.0 |
Unaffected:
1782838753 , < *
(rpm)
cpe:/a:redhat:cluster_observability_operator:1.5::el9 |
|
| Red Hat | Cluster Observability Operator 1.5.0 |
Unaffected:
1782839279 , < *
(rpm)
cpe:/a:redhat:cluster_observability_operator:1.5::el9 |
|
| Red Hat | Cluster Observability Operator 1.5.0 |
Unaffected:
1782840539 , < *
(rpm)
cpe:/a:redhat:cluster_observability_operator:1.5::el9 |
|
| Red Hat | Cluster Observability Operator 1.5.0 |
Unaffected:
1782844225 , < *
(rpm)
cpe:/a:redhat:cluster_observability_operator:1.5::el9 |
|
| Red Hat | Cluster Observability Operator 1.5.0 |
Unaffected:
1782839658 , < *
(rpm)
cpe:/a:redhat:cluster_observability_operator:1.5::el9 |
|
| Red Hat | Cluster Observability Operator 1.5.0 |
Unaffected:
1782838476 , < *
(rpm)
cpe:/a:redhat:cluster_observability_operator:1.5::el9 |
|
| Red Hat | Red Hat Hardened Images |
Unaffected:
1.25.11-2.hum1 , < *
(rpm)
cpe:/a:redhat:hummingbird:1 |
|
| Red Hat | Red Hat Hardened Images |
Unaffected:
1.26.4-2.hum1 , < *
(rpm)
cpe:/a:redhat:hummingbird:1 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932114 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782931768 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932104 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783536000 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783535989 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783536515 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932521 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783018461 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783018421 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932812 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783537001 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932919 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783537586 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932969 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933015 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933042 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783537392 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933235 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933251 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783537955 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933417 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783537742 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933602 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783019377 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782934054 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782934036 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782934284 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1782222217 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1782223341 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1782296193 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1782222607 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1782222163 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1782223138 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1782222394 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1782222451 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1782226178 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1782224487 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1782303211 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1782224541 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.3 |
Unaffected:
1782223045 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.3::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.3 |
Unaffected:
1782222366 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.3::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.3 |
Unaffected:
1782310747 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.3::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.3 |
Unaffected:
1782222038 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.3::el9 |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | OpenShift API for Data Protection |
cpe:/a:redhat:openshift_api_data_protection:1 |
|
| Red Hat | OpenShift Service Mesh 2 |
cpe:/a:redhat:service_mesh:2 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux AI (RHEL AI) 3 |
cpe:/a:redhat:enterprise_linux_ai:3 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
Credits
Marwan Atia (marwansamir688@gmail.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-33814",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-08T18:00:53.951676Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T18:01:02.989Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cluster_observability_operator:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9",
"product": "Cluster Observability Operator 1.5.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782840519",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cluster_observability_operator:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9",
"product": "Cluster Observability Operator 1.5.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782839981",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cluster_observability_operator:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9",
"product": "Cluster Observability Operator 1.5.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782839193",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cluster_observability_operator:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "cluster-observability-operator/distributed-tracing-console-plugin-rhel9",
"product": "Cluster Observability Operator 1.5.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782838753",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cluster_observability_operator:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "cluster-observability-operator/logging-console-plugin-pf4-rhel9",
"product": "Cluster Observability Operator 1.5.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782839279",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cluster_observability_operator:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "cluster-observability-operator/logging-console-plugin-pf5-rhel9",
"product": "Cluster Observability Operator 1.5.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782840539",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cluster_observability_operator:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "cluster-observability-operator/monitoring-console-plugin-pf5-rhel9",
"product": "Cluster Observability Operator 1.5.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782844225",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cluster_observability_operator:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "cluster-observability-operator/monitoring-console-plugin-pf6-rhel9",
"product": "Cluster Observability Operator 1.5.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782839658",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cluster_observability_operator:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "cluster-observability-operator/monitoring-console-plugin-rhel9",
"product": "Cluster Observability Operator 1.5.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782838476",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"packageName": "golang1-25-main",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.25.11-2.hum1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"packageName": "golang1-26-main",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.26.4-2.hum1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932114",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782931768",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/devicefinder-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932104",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-core-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783536000",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783535989",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783536515",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932521",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-metrics-exporter-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783018461",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783018421",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-blackbox-exporter-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932812",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cli-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783537001",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cloudnative-pg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932919",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783537586",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cosi-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932969",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933015",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933042",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-drbd-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783537392",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-external-snapshotter-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933235",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-external-snapshotter-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933251",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783537955",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933417",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-must-gather-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783537742",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933602",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783019377",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-volsync-plugin-mover-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782934054",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-volsync-plugin-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782934036",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/rook-ceph-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782934284",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-cni-rhel9",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222217",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-pilot-rhel9",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782223341",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-proxyv2-rhel9",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782296193",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-rhel9-operator",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222607",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-cni-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222163",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-pilot-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782223138",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-proxyv2-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222394",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-rhel9-operator",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222451",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-cni-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782226178",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-pilot-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782224487",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-proxyv2-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782303211",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-rhel9-operator",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782224541",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-cni-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782223045",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-pilot-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222366",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-proxyv2-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782310747",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/istio-rhel9-operator",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782222038",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/addon-manager-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/backplane-rhel9-operator",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/clusterlifecycle-state-metrics-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/hypershift-addon-rhel9-operator",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/maestro-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/managedcluster-import-controller-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/multicloud-manager-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/placement-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/registration-operator-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/work-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1"
],
"defaultStatus": "unknown",
"packageName": "oadp/oadp-velero-rhel9",
"product": "OpenShift API for Data Protection",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"packageName": "openshift-golang-builder-container",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/acm-governance-policy-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/acm-governance-policy-framework-addon-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/config-policy-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/governance-policy-propagator-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/klusterlet-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "golang",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "go-toolset:rhel8/golang",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "golang",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "affected",
"packageName": "golang",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ai-gateway-payload-processing-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-codeflare-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-data-science-pipelines-operator-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-eval-hub-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-feast-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kf-notebook-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kserve-agent-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kserve-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kserve-llmisvc-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kserve-router-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kube-auth-proxy-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kuberay-operator-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-kueue-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llama-stack-k8s-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llm-d-batch-gateway-apiserver-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llm-d-batch-gateway-gc-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llm-d-batch-gateway-processor-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llm-d-inference-scheduler-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-llm-d-routing-sidecar-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-maas-api-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-maas-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mlflow-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ml-pipelines-api-server-v2-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ml-pipelines-driver-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ml-pipelines-launcher-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-automl-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-autorag-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-mod-arch-eval-hub-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-gen-ai-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-maas-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-mlflow-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-model-registry-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-model-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-modelmesh-runtime-adapter-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-modelmesh-serving-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-model-registry-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-model-registry-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-model-serving-api-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-must-gather-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-notebook-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-openvino-model-server-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-rhaii-cluster-validator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-rhel9-operator",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-spark-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-ta-lmes-driver-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-th06-cpu-torch291-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-th06-cuda130-torch291-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-trainer-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-training-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-trustyai-service-operator-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-workload-variant-autoscaler-controller-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/rhai-cli-rhel9",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unknown",
"packageName": "openshift4/ose-hypershift-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift-golang-builder-container",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "openshift-golang-builder-container",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-07T19:41:17.631Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-606",
"description": "Unchecked Input for Loop Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T02:45:38.170Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"name": "RHBZ#2467815",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33814.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23262"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23264"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33142"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33150"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37387"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:34342: Cluster Observability Operator 1.5.0"
},
{
"lang": "en",
"value": "RHSA-2026:23262: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:23264: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3"
},
{
"lang": "en",
"value": "RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-07T20:01:11.324Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-07T19:41:17.631Z",
"value": "Made public."
}
],
"title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/http2",
"product": "golang.org/x/net/http2",
"programRoutines": [
{
"name": "clientConnReadLoop.processSettingsNoWrite"
},
{
"name": "Transport.NewClientConn"
},
{
"name": "Transport.RoundTrip"
},
{
"name": "Transport.RoundTripOpt"
},
{
"name": "clientConnPool.GetClientConn"
},
{
"name": "noDialClientConnPool.GetClientConn"
},
{
"name": "noDialH2RoundTripper.NewClientConn"
},
{
"name": "noDialH2RoundTripper.RoundTrip"
},
{
"name": "unencryptedTransport.RoundTrip"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.53.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/http",
"product": "net/http",
"programRoutines": [
{
"name": "http2clientConnReadLoop.processSettingsNoWrite"
},
{
"name": "Client.CloseIdleConnections"
},
{
"name": "Client.Do"
},
{
"name": "Client.Get"
},
{
"name": "Client.Head"
},
{
"name": "Client.Post"
},
{
"name": "Client.PostForm"
},
{
"name": "ClientConn.Close"
},
{
"name": "ClientConn.RoundTrip"
},
{
"name": "Get"
},
{
"name": "Head"
},
{
"name": "Post"
},
{
"name": "PostForm"
},
{
"name": "Transport.CloseIdleConnections"
},
{
"name": "Transport.NewClientConn"
},
{
"name": "Transport.RoundTrip"
},
{
"name": "http1ClientConn.Close"
},
{
"name": "http1ClientConn.RoundTrip"
},
{
"name": "http2Transport.NewClientConn"
},
{
"name": "http2Transport.RoundTrip"
},
{
"name": "http2Transport.RoundTripOpt"
},
{
"name": "http2clientConnPool.GetClientConn"
},
{
"name": "http2noDialClientConnPool.GetClientConn"
},
{
"name": "http2noDialH2RoundTripper.NewClientConn"
},
{
"name": "http2noDialH2RoundTripper.RoundTrip"
},
{
"name": "http2unencryptedTransport.RoundTrip"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.25.10",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.3",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marwan Atia (marwansamir688@gmail.com)"
}
],
"descriptions": [
{
"lang": "en",
"value": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T19:41:17.631Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/761581"
},
{
"url": "https://go.dev/cl/761640"
},
{
"url": "https://go.dev/issue/78476"
},
{
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4918"
}
],
"title": "Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-33814",
"datePublished": "2026-05-07T19:41:17.631Z",
"dateReserved": "2026-03-23T20:35:32.814Z",
"dateUpdated": "2026-07-15T02:45:38.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35469 (GCVE-0-2026-35469)
Vulnerability from cvelistv5 – Published: 2026-04-16 21:19 – Updated: 2026-07-15 02:45
VLAI
EPSS
VEX
Title
SpdyStream: DOS on CRI
Summary
spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count, the header count in parseHeaderValueBlock, and individual header field sizes — all read as 32-bit integers and used directly as allocation sizes with no bounds checking. Because SPDY header blocks are zlib-compressed, a small on-the-wire payload can decompress into large attacker-controlled values. A remote peer that can send SPDY frames to a service using spdystream can exhaust process memory and cause an out-of-memory crash with a single crafted control frame. This issue has been fixed in version 0.5.1.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
63 references
| URL | Tags |
|---|---|
| https://github.com/moby/spdystream/security/advis… | x_refsource_CONFIRM |
| https://github.com/moby/spdystream/releases/tag/v0.5.1 | x_refsource_MISC |
| https://access.redhat.com/security/cve/CVE-2026-35469 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457729 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:36796 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34755 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:17704 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:13829 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:11070 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:11217 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:13791 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36162 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33078 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33071 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:27914 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:27983 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:27903 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:27941 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34050 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:21697 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:21692 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:25009 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:23235 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:20089 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:25046 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34099 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:17599 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:17598 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34100 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:29857 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:17449 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:12118 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:29858 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:21658 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:25201 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34766 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:20042 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:27004 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:20041 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:29865 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:37629 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:25194 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34791 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:17469 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:27063 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:17468 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:29801 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:37187 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:25187 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34769 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:17475 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:20034 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:29835 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:25207 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34794 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:29795 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:27010 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:37387 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:19099 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:19108 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:17121 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:17123 | vendor-advisoryx_refsource_REDHAT |
Impacted products
122 products
| Vendor | Product | Version | |
|---|---|---|---|
| moby | spdystream |
Affected:
< 0.5.1
|
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
0:4.19.0-202606301915.p2.g63adf01.assembly.stream.el9 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | RHEM 1.0 for RHEL 9 |
Unaffected:
0:1.0.3-1.el9em , < *
(rpm)
cpe:/a:redhat:edge_manager:1.0::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.10 |
Unaffected:
1779135478 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.10::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.11 |
Unaffected:
1778892370 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.11::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
1778288655 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el8 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
1778288646 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.13 |
Unaffected:
1778264389 , < *
(rpm)
cpe:/a:redhat:acm:2.13::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.13 |
Unaffected:
1778302921 , < *
(rpm)
cpe:/a:redhat:acm:2.13::el9 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.10 |
Unaffected:
1777976489 , < *
(rpm)
cpe:/a:redhat:advanced_cluster_security:4.10::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.8 |
Unaffected:
1777307791 , < *
(rpm)
cpe:/a:redhat:advanced_cluster_security:4.8::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.9 |
Unaffected:
1777986630 , < *
(rpm)
cpe:/a:redhat:advanced_cluster_security:4.9::el8 |
|
| Red Hat | Red Hat Container Native Virtualization 4.15 |
Unaffected:
1783042900 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.15::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.16 |
Unaffected:
1782184329 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.16::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.17 |
Unaffected:
1782358244 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.17::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.19 |
Unaffected:
1781590993 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.19::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.20 |
Unaffected:
1781838712 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.20::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.21 |
Unaffected:
1782012918 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.21::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.22 |
Unaffected:
1781852593 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.22::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.12 |
Unaffected:
1779716480 , < *
(rpm)
cpe:/a:redhat:openshift:4.12::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.12 |
Unaffected:
1779716474 , < *
(rpm)
cpe:/a:redhat:openshift:4.12::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.12 |
Unaffected:
1779716476 , < *
(rpm)
cpe:/a:redhat:openshift:4.12::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.12 |
Unaffected:
1782395416 , < *
(rpm)
cpe:/a:redhat:openshift:4.12::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.13 |
Unaffected:
1779889638 , < *
(rpm)
cpe:/a:redhat:openshift:4.13::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.13 |
Unaffected:
1779889606 , < *
(rpm)
cpe:/a:redhat:openshift:4.13::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.13 |
Unaffected:
1779864381 , < *
(rpm)
cpe:/a:redhat:openshift:4.13::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
Unaffected:
1780956818 , < *
(rpm)
cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
Unaffected:
1780955979 , < *
(rpm)
cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
Unaffected:
1781006909 , < *
(rpm)
cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
Unaffected:
1780956441 , < *
(rpm)
cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
Unaffected:
1779915764 , < *
(rpm)
cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
Unaffected:
1779916110 , < *
(rpm)
cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
Unaffected:
1779915561 , < *
(rpm)
cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
Unaffected:
1779915526 , < *
(rpm)
cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.16 |
Unaffected:
1779251341 , < *
(rpm)
cpe:/a:redhat:openshift:4.16::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.16 |
Unaffected:
1780954827 , < *
(rpm)
cpe:/a:redhat:openshift:4.16::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.16 |
Unaffected:
1780954223 , < *
(rpm)
cpe:/a:redhat:openshift:4.16::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.16 |
Unaffected:
1780955112 , < *
(rpm)
cpe:/a:redhat:openshift:4.16::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
1778707884 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
1778701022 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
1782187374 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
1782189013 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
1782186020 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
1782186155 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
1782185537 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
1777070108 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
1778521451 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
1779779708 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
1779780608 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
1779780022 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
1782175121 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
1782173522 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
1782190146 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1779251684 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1779252023 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1779250076 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1779249730 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1779249801 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1781002119 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1781557059 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1782189936 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1782871003 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1782879945 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
Unaffected:
1778138337 , < *
(rpm)
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
Unaffected:
1778522102 , < *
(rpm)
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
Unaffected:
1781023952 , < *
(rpm)
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
Unaffected:
1781196883 , < *
(rpm)
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
Unaffected:
1781844985 , < *
(rpm)
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
Unaffected:
1782865684 , < *
(rpm)
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
Unaffected:
1783419985 , < *
(rpm)
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.21 |
Unaffected:
1778164872 , < *
(rpm)
cpe:/a:redhat:openshift:4.21::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.21 |
Unaffected:
1779250427 , < *
(rpm)
cpe:/a:redhat:openshift:4.21::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.21 |
Unaffected:
1780973735 , < *
(rpm)
cpe:/a:redhat:openshift:4.21::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.21 |
Unaffected:
1780979102 , < *
(rpm)
cpe:/a:redhat:openshift:4.21::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.21 |
Unaffected:
1782311084 , < *
(rpm)
cpe:/a:redhat:openshift:4.21::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.21 |
Unaffected:
1782861857 , < *
(rpm)
cpe:/a:redhat:openshift:4.21::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.21 |
Unaffected:
1783090488 , < *
(rpm)
cpe:/a:redhat:openshift:4.21::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.22 |
Unaffected:
1781103659 , < *
(rpm)
cpe:/a:redhat:openshift:4.22::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.22 |
Unaffected:
1781640970 , < *
(rpm)
cpe:/a:redhat:openshift:4.22::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.22 |
Unaffected:
1782109368 , < *
(rpm)
cpe:/a:redhat:openshift:4.22::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.22 |
Unaffected:
1782878115 , < *
(rpm)
cpe:/a:redhat:openshift:4.22::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.22 |
Unaffected:
1782878255 , < *
(rpm)
cpe:/a:redhat:openshift:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932114 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782931768 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932104 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783536000 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783535989 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783536515 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932521 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783018461 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783018421 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932812 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783537001 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932919 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783537586 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782932969 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933015 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933042 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783537392 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933235 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933251 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783537955 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933417 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783537742 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782933602 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1783019377 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782934054 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782934036 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
Unaffected:
1782934284 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | cert-manager Operator for Red Hat OpenShift |
cpe:/a:redhat:cert_manager:1 |
|
| Red Hat | Dynamic Accelerator Slicer Operator for Red Hat OpenShift |
cpe:/a:redhat:dynamic_accelerator_slicer:1 |
|
| Red Hat | External Secrets Operator for Red Hat OpenShift |
cpe:/a:redhat:external_secrets_operator:1 |
|
| Red Hat | Logical Volume Manager Storage |
cpe:/a:redhat:lvms:4 |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
|
| Red Hat | Red Hat Advanced Cluster Security 4 |
cpe:/a:redhat:advanced_cluster_security:4 |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3 |
cpe:/a:redhat:openshift_distributed_tracing:3 |
|
| Red Hat | Red Hat OpenShift for Windows Containers |
cpe:/a:redhat:windows_machine_config |
|
| Red Hat | Red Hat OpenShift GitOps |
cpe:/a:redhat:openshift_gitops:1 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Zero Trust Workload Identity Manager |
cpe:/a:redhat:zero_trust_workload_identity_manager:1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-17T12:37:18.505269Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-17T12:37:27.329Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.19.0-202606301915.p2.g63adf01.assembly.stream.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:1.0::el9"
],
"defaultStatus": "affected",
"packageName": "flightctl",
"product": "RHEM 1.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0.3-1.el9em",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.10::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/assisted-service-9-rhel9",
"product": "multicluster engine for Kubernetes 2.10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779135478",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.11::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/assisted-service-9-rhel9",
"product": "multicluster engine for Kubernetes 2.11",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778892370",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el8"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/assisted-service-8-rhel8",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778288655",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/assisted-service-9-rhel9",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778288646",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.13::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicloud-integrations-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778264389",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.13::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-channel-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778302921",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.10::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1777976489",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.8::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1777307791",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1777986630",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-exportserver-rhel9",
"product": "Red Hat Container Native Virtualization 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783042900",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-exportserver-rhel9",
"product": "Red Hat Container Native Virtualization 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782184329",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-exportserver-rhel9",
"product": "Red Hat Container Native Virtualization 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782358244",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-exportserver-rhel9",
"product": "Red Hat Container Native Virtualization 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781590993",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-exportserver-rhel9",
"product": "Red Hat Container Native Virtualization 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781838712",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-exportserver-rhel9",
"product": "Red Hat Container Native Virtualization 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782012918",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-exportserver-rhel9",
"product": "Red Hat Container Native Virtualization 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781852593",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.12::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-config-daemon",
"product": "Red Hat OpenShift Container Platform 4.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779716480",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.12::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-operator",
"product": "Red Hat OpenShift Container Platform 4.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779716474",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.12::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-webhook",
"product": "Red Hat OpenShift Container Platform 4.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779716476",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.12::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-node-feature-discovery",
"product": "Red Hat OpenShift Container Platform 4.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782395416",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-config-daemon",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779889638",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-operator",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779889606",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-webhook",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779864381",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-node-feature-discovery",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1780956818",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-config-daemon",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1780955979",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-operator",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781006909",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-webhook",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1780956441",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-node-feature-discovery-rhel9",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779915764",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-config-daemon-rhel9",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779916110",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779915561",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-webhook-rhel9",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779915526",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-node-feature-discovery-rhel9",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779251341",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-config-daemon-rhel9",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1780954827",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1780954223",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-webhook-rhel9",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1780955112",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-powervs-block-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778707884",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-node-feature-discovery-rhel9",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778701022",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-cluster-node-tuning-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782187374",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-openshift-apiserver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782189013",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-smb-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782186020",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-config-daemon-rhel9",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782186155",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782185537",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-webhook-rhel9",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782186155",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-powervs-block-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1777070108",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-node-feature-discovery-rhel9",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778521451",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-config-daemon-rhel9",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779779708",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779780608",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-webhook-rhel9",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779780022",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-cluster-node-tuning-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782175121",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-openshift-apiserver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782173522",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-smb-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782190146",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-powervs-block-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779251684",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-node-feature-discovery-rhel9",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779252023",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-config-daemon-rhel9",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779250076",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779249730",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-sriov-network-webhook-rhel9",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779249801",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-cluster-node-tuning-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781002119",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-openshift-apiserver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781557059",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-smb-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782189936",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-csi-external-provisioner-rhel9",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782871003",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-hyperkube-rhel9",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782879945",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-powervs-block-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778138337",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-node-feature-discovery-rhel9",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778522102",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-cluster-node-tuning-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781023952",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-openshift-apiserver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781196883",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-smb-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781844985",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-csi-external-provisioner-rhel9",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782865684",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-aws-efs-csi-driver-container-rhel9",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783419985",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-node-feature-discovery-rhel9",
"product": "Red Hat OpenShift Container Platform 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778164872",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-powervs-block-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779250427",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-cluster-node-tuning-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1780973735",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-openshift-apiserver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1780979102",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-smb-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782311084",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-csi-external-provisioner-rhel9",
"product": "Red Hat OpenShift Container Platform 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782861857",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-aws-efs-csi-driver-container-rhel9",
"product": "Red Hat OpenShift Container Platform 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783090488",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-aws-efs-csi-driver-container-rhel9",
"product": "Red Hat OpenShift Container Platform 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781103659",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-smb-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781640970",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-csi-external-provisioner-rhel9",
"product": "Red Hat OpenShift Container Platform 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782109368",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-azure-disk-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782878115",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-csi-node-driver-registrar-rhel9",
"product": "Red Hat OpenShift Container Platform 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782878255",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932114",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782931768",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/devicefinder-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932104",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-core-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783536000",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783535989",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783536515",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932521",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-metrics-exporter-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783018461",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783018421",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-blackbox-exporter-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932812",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cli-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783537001",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cloudnative-pg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932919",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783537586",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cosi-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782932969",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933015",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933042",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-drbd-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783537392",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-external-snapshotter-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933235",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-external-snapshotter-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933251",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783537955",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933417",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-must-gather-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783537742",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782933602",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783019377",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-volsync-plugin-mover-rhel9",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782934054",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-volsync-plugin-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782934036",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/rook-ceph-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782934284",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"packageName": "cert-manager/cert-manager-operator-bundle",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"packageName": "cert-manager/cert-manager-operator-rhel9",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"packageName": "cert-manager/jetstack-cert-manager-acmesolver-rhel9",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"packageName": "cert-manager/jetstack-cert-manager-rhel9",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:dynamic_accelerator_slicer:1"
],
"defaultStatus": "affected",
"packageName": "dynamic-accelerator-slicer-tech-preview/instaslice-daemonset-rhel9",
"product": "Dynamic Accelerator Slicer Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:dynamic_accelerator_slicer:1"
],
"defaultStatus": "affected",
"packageName": "dynamic-accelerator-slicer-tech-preview/instaslice-operator-bundle",
"product": "Dynamic Accelerator Slicer Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:dynamic_accelerator_slicer:1"
],
"defaultStatus": "affected",
"packageName": "dynamic-accelerator-slicer-tech-preview/instaslice-rhel9-operator",
"product": "Dynamic Accelerator Slicer Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:dynamic_accelerator_slicer:1"
],
"defaultStatus": "affected",
"packageName": "dynamic-accelerator-slicer-tech-preview/instaslice-scheduler-rhel9",
"product": "Dynamic Accelerator Slicer Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:dynamic_accelerator_slicer:1"
],
"defaultStatus": "affected",
"packageName": "dynamic-accelerator-slicer-tech-preview/instaslice-webhook-rhel9",
"product": "Dynamic Accelerator Slicer Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "external-secrets-operator/bitwarden-sdk-server-rhel9",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "external-secrets-operator/external-secrets-operator-bundle",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "external-secrets-operator/external-secrets-operator-rhel9",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "external-secrets-operator/external-secrets-rhel9",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "unaffected",
"packageName": "lvms4/lvms-must-gather-rhel8",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "unaffected",
"packageName": "lvms4/lvms-must-gather-rhel9",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "unaffected",
"packageName": "lvms4/lvms-operator-bundle",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "unaffected",
"packageName": "lvms4/lvms-rhel9-operator",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/cluster-curator-controller-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unaffected",
"packageName": "multicluster-engine/hive-rhel9",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/hypershift-rhel9-operator",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/acm-must-gather-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-subscription-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-rhel8-operator",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "cri-o",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "lvms4/lvms-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "microshift",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/cnf-tests-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4-dev-preview-beta/openperouter-operator-bundle",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4-dev-preview-beta/openperouter-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/kubevirt-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/microshift-bootc-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/noderesourcetopology-scheduler-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/numaresources-must-gather-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/numaresources-operator-bundle",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/numaresources-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/openshift-route-controller-manager-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-aws-cloud-controller-manager-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-aws-ebs-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-azure-cloud-controller-manager-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-azure-cloud-controller-manager-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-azure-cloud-node-manager-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-azure-cloud-node-manager-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-azure-disk-csi-driver-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-azure-file-csi-driver-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-azure-file-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-cluster-autoscaler-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-cluster-capacity-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-cluster-kube-apiserver-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-cluster-kube-apiserver-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-cluster-policy-controller-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-csi-driver-manila-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-csi-driver-manila-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-csi-driver-nfs-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-dpu-cni-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-dpu-daemon-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-dpu-intel-ipu-p4sdk-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-dpu-intel-ipu-vsp-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-dpu-intel-netsec-vsp-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-dpu-marvell-cp-agent-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-dpu-marvell-vsp-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-dpu-network-resources-injector-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-dpu-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-gcp-cloud-controller-manager-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-hypershift-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-ibm-vpc-block-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-kube-proxy-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-machine-config-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-machine-config-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-multus-cni-microshift-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-multus-cni-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-openshift-apiserver-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-openshift-controller-manager-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-openshift-controller-manager-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-openstack-cinder-csi-driver-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-openstack-cinder-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-openstack-cloud-controller-manager-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-openstack-cloud-controller-manager-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-ovn-kubernetes-microshift-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-ovn-kubernetes-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-sriov-network-device-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-sriov-network-metrics-exporter-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-tests",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-tests-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-vmware-vsphere-csi-driver-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-vmware-vsphere-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-vsphere-csi-driver-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-vsphere-csi-driver-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-vsphere-csi-driver-syncer-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-vsphere-csi-driver-syncer-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/sriov-network-metrics-exporter-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4-wincw/windows-machine-config-rhel8-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4-wincw/windows-machine-config-rhel9-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ztp-site-generate-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "unaffected",
"packageName": "rhosdt/opentelemetry-collector-rhel9",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "affected",
"packageName": "openshift4-wincw/windows-machine-config-operator-bundle",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "affected",
"packageName": "openshift4-wincw/windows-machine-config-rhel9-operator",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "affected",
"packageName": "openshift-gitops-1/argo-rollouts-rhel8",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/libguestfs-tools-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/multus-dynamic-networks-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/passt-network-binding-plugin-cni-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/pr-helper-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/sidecar-shim-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-api-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-artifacts-server-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-controller-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-exportproxy-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-launcher-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-operator-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/wasp-agent-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "unaffected",
"packageName": "zero-trust-workload-identity-manager/zero-trust-workload-identity-manager-rhel9",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
}
],
"datePublic": "2026-04-13T23:59:59.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T02:45:47.035Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-35469"
},
{
"name": "RHBZ#2457729",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457729"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-35469.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34755"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17704"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13829"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13791"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36162"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33078"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33071"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27914"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27983"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27903"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27941"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34050"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21697"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21692"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25009"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23235"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20089"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25046"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34099"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17599"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17598"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34100"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29857"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17449"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12118"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29858"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21658"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25201"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34766"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20042"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27004"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20041"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29865"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37629"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25194"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34791"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17469"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27063"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17468"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29801"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37187"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25187"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34769"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17475"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20034"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29835"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25207"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34794"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29795"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27010"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37387"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19099"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19108"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17121"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17123"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:36796: RHEM 1.0 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:34755: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:17704: Red Hat Advanced Cluster Management for Kubernetes 2.13"
},
{
"lang": "en",
"value": "RHSA-2026:13829: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:11070: Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"lang": "en",
"value": "RHSA-2026:11217: Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"lang": "en",
"value": "RHSA-2026:13791: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:36162: Red Hat Container Native Virtualization 4.15"
},
{
"lang": "en",
"value": "RHSA-2026:33078: Red Hat Container Native Virtualization 4.16"
},
{
"lang": "en",
"value": "RHSA-2026:33071: Red Hat Container Native Virtualization 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:27914: Red Hat Container Native Virtualization 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:27983: Red Hat Container Native Virtualization 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:27903: Red Hat Container Native Virtualization 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:27941: Red Hat Container Native Virtualization 4.22"
},
{
"lang": "en",
"value": "RHSA-2026:34050: Red Hat OpenShift Container Platform 4.12"
},
{
"lang": "en",
"value": "RHSA-2026:21697: Red Hat OpenShift Container Platform 4.12"
},
{
"lang": "en",
"value": "RHSA-2026:21692: Red Hat OpenShift Container Platform 4.13"
},
{
"lang": "en",
"value": "RHSA-2026:25009: Red Hat OpenShift Container Platform 4.14"
},
{
"lang": "en",
"value": "RHSA-2026:23235: Red Hat OpenShift Container Platform 4.15"
},
{
"lang": "en",
"value": "RHSA-2026:20089: Red Hat OpenShift Container Platform 4.16"
},
{
"lang": "en",
"value": "RHSA-2026:25046: Red Hat OpenShift Container Platform 4.16"
},
{
"lang": "en",
"value": "RHSA-2026:34099: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:17599: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:17598: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:34100: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:29857: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:17449: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:12118: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:29858: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:21658: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:25201: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:34766: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:20042: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:27004: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:20041: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:29865: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:37629: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:25194: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:34791: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:17469: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:27063: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:17468: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:29801: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:37187: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:25187: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:34769: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:17475: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:20034: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:29835: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:25207: Red Hat OpenShift Container Platform 4.22"
},
{
"lang": "en",
"value": "RHSA-2026:34794: Red Hat OpenShift Container Platform 4.22"
},
{
"lang": "en",
"value": "RHSA-2026:29795: Red Hat OpenShift Container Platform 4.22"
},
{
"lang": "en",
"value": "RHSA-2026:27010: Red Hat OpenShift Container Platform 4.22"
},
{
"lang": "en",
"value": "RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22"
},
{
"lang": "en",
"value": "RHSA-2026:19099: multicluster engine for Kubernetes 2.10"
},
{
"lang": "en",
"value": "RHSA-2026:19108: multicluster engine for Kubernetes 2.11"
},
{
"lang": "en",
"value": "RHSA-2026:17121: multicluster engine for Kubernetes 2.8"
},
{
"lang": "en",
"value": "RHSA-2026:17123: multicluster engine for Kubernetes 2.8"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-13T03:52:35.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-04-13T23:59:59.000Z",
"value": "Made public."
}
],
"title": "Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code",
"workarounds": [
{
"lang": "en",
"value": "To mitigate this issue, review and restrict the assignment of Kubernetes cluster roles `pods/portforward (create)`, `pods/exec (create)`, `pods/attach (create)`, and `nodes/proxy (get/create)` to untrusted users or service accounts. Ensure that only authorized and necessary entities possess these permissions. Modifying RBAC policies can impact the functionality of applications and services that rely on these permissions; careful testing is recommended."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "spdystream",
"vendor": "moby",
"versions": [
{
"status": "affected",
"version": "\u003c 0.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count, the header count in parseHeaderValueBlock, and individual header field sizes \u2014 all read as 32-bit integers and used directly as allocation sizes with no bounds checking. Because SPDY header blocks are zlib-compressed, a small on-the-wire payload can decompress into large attacker-controlled values. A remote peer that can send SPDY frames to a service using spdystream can exhaust process memory and cause an out-of-memory crash with a single crafted control frame. This issue has been fixed in version 0.5.1."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-16T21:19:23.516Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/moby/spdystream/security/advisories/GHSA-pc3f-x583-g7j2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/moby/spdystream/security/advisories/GHSA-pc3f-x583-g7j2"
},
{
"name": "https://github.com/moby/spdystream/releases/tag/v0.5.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/moby/spdystream/releases/tag/v0.5.1"
}
],
"source": {
"advisory": "GHSA-pc3f-x583-g7j2",
"discovery": "UNKNOWN"
},
"title": "SpdyStream: DOS on CRI"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-35469",
"datePublished": "2026-04-16T21:19:23.516Z",
"dateReserved": "2026-04-02T20:49:44.452Z",
"dateUpdated": "2026-07-15T02:45:47.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-39817 (GCVE-0-2026-39817)
Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-05-08 21:29
VLAI
EPSS
VEX
Title
Invoking "go tool pack" does not sanitize output paths in cmd/go
Summary
The "go tool pack" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Go toolchain | cmd/go |
Affected:
0 , < 1.25.10
(semver)
Affected: 1.26.0-0 , < 1.26.3 (semver) |
Credits
Harshit Gupta (Mr HAX)
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-39817",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-08T16:58:23.255142Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T21:29:47.246Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "cmd/go",
"product": "cmd/go",
"vendor": "Go toolchain",
"versions": [
{
"lessThan": "1.25.10",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.3",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Harshit Gupta (Mr HAX)"
}
],
"descriptions": [
{
"lang": "en",
"value": "The \"go tool pack\" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the \"pack\" subcommand can write files to arbitrary locations on the filesystem."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T19:41:18.993Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/78778"
},
{
"url": "https://go.dev/cl/767520"
},
{
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4979"
}
],
"title": "Invoking \"go tool pack\" does not sanitize output paths in cmd/go"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-39817",
"datePublished": "2026-05-07T19:41:18.993Z",
"dateReserved": "2026-04-07T18:13:03.524Z",
"dateUpdated": "2026-05-08T21:29:47.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…