Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-68973 (GCVE-0-2025-68973)
Vulnerability from cvelistv5 – Published: 2025-12-28 16:19 – Updated: 2026-01-14 19:04
VLAI?
EPSS
Summary
In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
Severity ?
7.8 (High)
CWE
- CWE-675 - Multiple Operations on Resource in Single-Operation Context
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68973",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-29T16:22:29.534824Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-29T16:22:32.478Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://gpg.fail/memcpy"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-01-14T19:04:33.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/12/29/11"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GnuPG",
"vendor": "GnuPG",
"versions": [
{
"lessThan": "2.2.51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2.4.9",
"status": "affected",
"version": "2.3.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.9",
"versionStartIncluding": "2.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-675",
"description": "CWE-675 Multiple Operations on Resource in Single-Operation Context",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T20:43:57.832Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://gpg.fail/memcpy"
},
{
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
},
{
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"url": "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51"
},
{
"url": "https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i"
}
],
"x_generator": {
"engine": "CVE-Request-form 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-68973",
"datePublished": "2025-12-28T16:19:11.019Z",
"dateReserved": "2025-12-28T16:19:10.762Z",
"dateUpdated": "2026-01-14T19:04:33.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-68973\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-12-28T17:16:01.500\",\"lastModified\":\"2026-01-14T19:16:46.857\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.4,\"impactScore\":5.8},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-675\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:*:*:*:*:-:*:*:*\",\"versionEndIncluding\":\"2.4.8\",\"matchCriteriaId\":\"8D4239B3-0B8A-4E14-9E33-DD52A3F8FF25\"}]}]}],\"references\":[{\"url\":\"https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://gpg.fail/memcpy\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=46403200\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2025/12/28/5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/12/29/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://gpg.fail/memcpy\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Broken Link\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2025/12/29/11\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-01-14T19:04:33.329Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-68973\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-29T16:22:29.534824Z\"}}}], \"references\": [{\"url\": \"https://gpg.fail/memcpy\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-29T16:22:23.591Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"GnuPG\", \"product\": \"GnuPG\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.2.51\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2.3.0\", \"lessThan\": \"2.4.9\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://gpg.fail/memcpy\"}, {\"url\": \"https://news.ycombinator.com/item?id=46403200\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2025/12/28/5\"}, {\"url\": \"https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9\"}, {\"url\": \"https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306\"}, {\"url\": \"https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51\"}, {\"url\": \"https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i\"}], \"x_generator\": {\"engine\": \"CVE-Request-form 0.0.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-675\", \"description\": \"CWE-675 Multiple Operations on Resource in Single-Operation Context\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.2.51\"}, {\"criteria\": \"cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.4.9\", \"versionStartIncluding\": \"2.3.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2026-01-02T20:43:57.832Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-68973\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-14T19:04:33.329Z\", \"dateReserved\": \"2025-12-28T16:19:10.762Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-12-28T16:19:11.019Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
WID-SEC-W-2025-2928
Vulnerability from csaf_certbund - Published: 2025-12-28 23:00 - Updated: 2026-02-04 23:00Summary
GnuPG: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
GNU Privacy Guard (GnuPG) ist ein quelloffenes Verschlüsselungs Tool
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen in GnuPG ausnutzen, um Sicherheitsvorkehrungen zu umgehen und weitere, nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "GNU Privacy Guard (GnuPG) ist ein quelloffenes Verschl\u00fcsselungs Tool",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in GnuPG ausnutzen, um Sicherheitsvorkehrungen zu umgehen und weitere, nicht spezifizierte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2928 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2928.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2928 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2928"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2025-12-28",
"url": "https://seclists.org/oss-sec/2025/q4/311"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2025-12-28",
"url": "https://github.com/advisories/GHSA-w789-3q45-984r"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2025-12-28",
"url": "https://github.com/advisories/GHSA-PJ23-86WW-F72P"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10001-1 vom 2026-01-02",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LHWSYBDDRKDBJGNQZMJ25ELH3KFSH5WT/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7946-2 vom 2026-01-08",
"url": "https://ubuntu.com/security/notices/USN-7946-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7946-1 vom 2026-01-09",
"url": "https://ubuntu.com/security/notices/USN-7946-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4437 vom 2026-01-14",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0697 vom 2026-01-15",
"url": "https://access.redhat.com/errata/RHSA-2026:0697"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0719 vom 2026-01-15",
"url": "https://access.redhat.com/errata/RHSA-2026:0719"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20029-1 vom 2026-01-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WC6TBD5ICFFBQXXMJC7MZYWDYPVY3GC3/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0697 vom 2026-01-15",
"url": "https://linux.oracle.com/errata/ELSA-2026-0697.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0719 vom 2026-01-16",
"url": "https://linux.oracle.com/errata/ELSA-2026-0719.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0728 vom 2026-01-15",
"url": "https://access.redhat.com/errata/RHSA-2026:0728"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0728 vom 2026-01-16",
"url": "https://linux.oracle.com/errata/ELSA-2026-0728.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0761 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0761"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0697 vom 2026-01-17",
"url": "https://errata.build.resf.org/RLSA-2026:0697"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0728 vom 2026-01-17",
"url": "https://errata.build.resf.org/RLSA-2026:0728"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0719 vom 2026-01-20",
"url": "https://errata.build.resf.org/RLSA-2026:0719"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20080-1 vom 2026-01-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023818.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2026-3125 vom 2026-01-22",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3125.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0935 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0935"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0974 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:0974"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1014 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:1014"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0215-1 vom 2026-01-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023870.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0214-1 vom 2026-01-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023871.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20108-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023880.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1229 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:1229"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1230 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:1230"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1468 vom 2026-01-28",
"url": "https://access.redhat.com/errata/RHSA-2026:1468"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1517 vom 2026-01-29",
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1652 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1677 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1677"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1629 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1629"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1705 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1705"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1736 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1719 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1719"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1858 vom 2026-02-03",
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1859 vom 2026-02-03",
"url": "https://access.redhat.com/errata/RHSA-2026:1859"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0378-1 vom 2026-02-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024043.html"
}
],
"source_lang": "en-US",
"title": "GnuPG: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-02-04T23:00:00.000+00:00",
"generator": {
"date": "2026-02-05T09:40:14.035+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2928",
"initial_release_date": "2025-12-28T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-12-28T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-01-04T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-01-08T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-01-14T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-01-15T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat, openSUSE und Oracle Linux aufgenommen"
},
{
"date": "2026-01-18T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-01-19T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon und Red Hat aufgenommen"
},
{
"date": "2026-01-22T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2026-01-26T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-27T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-28T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-01T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-02T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-03T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "17"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=2.4.8",
"product": {
"name": "Open Source GnuPG \u003c=2.4.8",
"product_id": "6156D629-66DD-44D1-8D71-41391E055F5A"
}
},
{
"category": "product_version_range",
"name": "\u003c=2.4.8",
"product": {
"name": "Open Source GnuPG \u003c=2.4.8",
"product_id": "6156D629-66DD-44D1-8D71-41391E055F5A-fixed"
}
}
],
"category": "product_name",
"name": "GnuPG"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68972",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T032255"
],
"last_affected": [
"6156D629-66DD-44D1-8D71-41391E055F5A"
]
},
"release_date": "2025-12-28T23:00:00.000+00:00",
"title": "CVE-2025-68972"
},
{
"cve": "CVE-2025-68973",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T032255"
],
"last_affected": [
"6156D629-66DD-44D1-8D71-41391E055F5A"
]
},
"release_date": "2025-12-28T23:00:00.000+00:00",
"title": "CVE-2025-68973"
}
]
}
RHSA-2026:0719
Vulnerability from csaf_redhat - Published: 2026-01-15 17:17 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0719",
"url": "https://access.redhat.com/errata/RHSA-2026:0719"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0719.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:14+00:00",
"generator": {
"date": "2026-02-11T15:13:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:0719",
"initial_release_date": "2026-01-15T17:17:05+00:00",
"revision_history": [
{
"date": "2026-01-15T17:17:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-15T17:17:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"product": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"product_id": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-5.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"product_id": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-5.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product_id": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-5.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-5.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-5.el9_7.aarch64",
"product": {
"name": "gnupg2-0:2.3.3-5.el9_7.aarch64",
"product_id": "gnupg2-0:2.3.3-5.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"product_id": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-5.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"product_id": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-5.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-5.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-5.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-5.el9_7.ppc64le",
"product": {
"name": "gnupg2-0:2.3.3-5.el9_7.ppc64le",
"product_id": "gnupg2-0:2.3.3-5.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"product": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"product_id": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-5.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"product_id": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-5.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product_id": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-5.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-5.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-5.el9_7.x86_64",
"product": {
"name": "gnupg2-0:2.3.3-5.el9_7.x86_64",
"product_id": "gnupg2-0:2.3.3-5.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"product": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"product_id": "gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-5.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"product_id": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-5.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"product_id": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-5.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-5.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-5.el9_7.s390x",
"product": {
"name": "gnupg2-0:2.3.3-5.el9_7.s390x",
"product_id": "gnupg2-0:2.3.3-5.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-5.el9_7.src",
"product": {
"name": "gnupg2-0:2.3.3-5.el9_7.src",
"product_id": "gnupg2-0:2.3.3-5.el9_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.src",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.src",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T17:17:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0719"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:2485
Vulnerability from csaf_redhat - Published: 2026-02-10 20:29 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: Insights proxy Container Image
Notes
Topic
Initial GA Release of Red Hat Insights proxy
Details
The Insights proxy Container is used by the Insights proxy product RPM
and serves as an intermediary between cystomer systems in disconnected networks,
air-gapped systems or systems with no outside connections and Insights.
The Insights proxy routes all Red Hat Insights traffic through itself, providing
a layer of privary and security for disconnected customer systems.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Initial GA Release of Red Hat Insights proxy",
"title": "Topic"
},
{
"category": "general",
"text": "The Insights proxy Container is used by the Insights proxy product RPM\nand serves as an intermediary between cystomer systems in disconnected networks,\nair-gapped systems or systems with no outside connections and Insights.\n\nThe Insights proxy routes all Red Hat Insights traffic through itself, providing\na layer of privary and security for disconnected customer systems.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2485",
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-11187",
"url": "https://access.redhat.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13601",
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-14104",
"url": "https://access.redhat.com/security/cve/CVE-2025-14104"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15467",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15468",
"url": "https://access.redhat.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15469",
"url": "https://access.redhat.com/security/cve/CVE-2025-15469"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66199",
"url": "https://access.redhat.com/security/cve/CVE-2025-66199"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68160",
"url": "https://access.redhat.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69418",
"url": "https://access.redhat.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69419",
"url": "https://access.redhat.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69420",
"url": "https://access.redhat.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69421",
"url": "https://access.redhat.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9086",
"url": "https://access.redhat.com/security/cve/CVE-2025-9086"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22795",
"url": "https://access.redhat.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22796",
"url": "https://access.redhat.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2485.json"
}
],
"title": "Red Hat Security Advisory: Insights proxy Container Image",
"tracking": {
"current_release_date": "2026-02-11T15:13:43+00:00",
"generator": {
"date": "2026-02-11T15:13:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:2485",
"initial_release_date": "2026-02-10T20:29:13+00:00",
"revision_history": [
{
"date": "2026-02-10T20:29:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-10T20:29:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Insights proxy 1.5",
"product": {
"name": "Red Hat Insights proxy 1.5",
"product_id": "Red Hat Insights proxy 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:insights_proxy:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Insights proxy"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64",
"product": {
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64",
"product_id": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64",
"product_identification_helper": {
"purl": "pkg:oci/insights-proxy-container-rhel9@sha256%3Aab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016?arch=amd64\u0026repository_url=registry.redhat.io/insights-proxy\u0026tag=1770740405"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"product": {
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"product_id": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/insights-proxy-container-rhel9@sha256%3A975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc?arch=arm64\u0026repository_url=registry.redhat.io/insights-proxy\u0026tag=1770740405"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64 as a component of Red Hat Insights proxy 1.5",
"product_id": "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64"
},
"product_reference": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"relates_to_product_reference": "Red Hat Insights proxy 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64 as a component of Red Hat Insights proxy 1.5",
"product_id": "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
},
"product_reference": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64",
"relates_to_product_reference": "Red Hat Insights proxy 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9086",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-12T06:01:02.244669+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2394750"
}
],
"notes": [
{
"category": "description",
"text": "1. A cookie is set using the `secure` keyword for `https://target` \n 2. curl is redirected to or otherwise made to speak with `http://target` (same \n hostname, but using clear text HTTP) using the same cookie set \n 3. The same cookie name is set - but with just a slash as path (`path=\\\"/\\\",`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: libcurl: Curl out of bounds read for cookie path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9086"
},
{
"category": "external",
"summary": "RHBZ#2394750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2025-9086.html",
"url": "https://curl.se/docs/CVE-2025-9086.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2025-9086.json",
"url": "https://curl.se/docs/CVE-2025-9086.json"
},
{
"category": "external",
"summary": "https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6",
"url": "https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3294999",
"url": "https://hackerone.com/reports/3294999"
}
],
"release_date": "2025-09-12T05:10:03.815000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: libcurl: Curl out of bounds read for cookie path"
},
{
"cve": "CVE-2025-11187",
"cwe": {
"id": "CWE-233",
"name": "Improper Handling of Parameters"
},
"discovery_date": "2026-01-16T14:21:50.559000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430375"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. It affects OpenSSL versions 3.6, 3.5, and 3.4, where improper validation of PBMAC1 parameters in PKCS#12 MAC verification can lead to a stack buffer overflow or NULL pointer dereference. Exploitation requires an application to process a maliciously crafted PKCS#12 file, which is uncommon as these files are typically trusted. OpenSSL versions 3.3, 3.0, 1.1.1, and 1.0.2 are not affected as they do not support PBMAC1 in PKCS#12.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "RHBZ#2430375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430375"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid processing untrusted PKCS#12 files. Applications should only handle PKCS#12 files from trusted sources, as these files are typically used for storing private keys and are expected to be secure.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file"
},
{
"cve": "CVE-2025-13601",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-11-24T12:49:28.274000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416741"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glib: Integer overflow in in g_escape_uri_string()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
},
{
"category": "external",
"summary": "RHBZ#2416741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827",
"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914",
"url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914"
}
],
"release_date": "2025-11-24T13:00:15.295000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glib: Integer overflow in in g_escape_uri_string()"
},
{
"cve": "CVE-2025-14104",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-12-05T14:16:36.004000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419369"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-14104"
},
{
"category": "external",
"summary": "RHBZ#2419369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-14104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-14104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14104"
}
],
"release_date": "2025-12-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
},
{
"cve": "CVE-2025-15468",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-01-16T14:21:51.062000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430377"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The NULL pointer dereference in the `SSL_CIPHER_find()` function, affecting OpenSSL versions 3.3, 3.4, 3.5, and 3.6, occurs only when applications utilizing the QUIC protocol uncommonly invoke this function from the `client_hello_cb` callback with an unknown cipher ID. This specific usage pattern and the resulting Denial of Service limit the overall impact in the Red Hat context.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "RHBZ#2430377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430377"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling"
},
{
"cve": "CVE-2025-15469",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-01-16T14:21:51.411000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The flaw affects the `openssl dgst` command-line tool when used with one-shot algorithms (such as Ed25519, Ed448, or ML-DSA) on files larger than 16MB. Impact is limited as it requires both signing and verification to be performed using the affected command, and verifiers using library APIs are not impacted.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15469"
},
{
"category": "external",
"summary": "RHBZ#2430378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid using the `openssl dgst` command with one-shot algorithms (such as Ed25519, Ed448, or ML-DSA) for files larger than 16MB. Instead, utilize streaming digest algorithms with `openssl dgst` or use library APIs for signing and verification, as these are not affected by the truncation vulnerability. Users should ensure that input files for one-shot signing/verification with `openssl dgst` do not exceed 16MB.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation"
},
{
"cve": "CVE-2025-66199",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-16T14:21:51.739000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. The flaw in OpenSSL 3.3, 3.4, 3.5, and 3.6 allows an attacker to cause excessive memory allocation during TLS 1.3 handshake with certificate compression, potentially leading to a Denial of Service. This affects both clients and servers in mutual TLS scenarios where certificate compression is negotiated. Servers not requesting client certificates are not vulnerable to client-initiated attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66199"
},
{
"category": "external",
"summary": "RHBZ#2430379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the reception of compressed certificates by setting the SSL_OP_NO_RX_CERTIFICATE_COMPRESSION option in OpenSSL configurations. This will prevent the vulnerable code path from being exercised.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression"
},
{
"cve": "CVE-2025-68160",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-16T14:21:52.088000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430380"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The `BIO_f_linebuffer` filter, where this heap out-of-bounds write occurs, is not used by default in TLS/SSL data paths within Red Hat products. Exploitation requires third-party applications to explicitly use this filter with a BIO chain that can short-write and process large, newline-free data influenced by an attacker, which is an unlikely scenario under attacker control. Red Hat FIPS modules are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "RHBZ#2430380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430380"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
},
{
"cve": "CVE-2025-69418",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2026-01-16T14:21:52.438000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430381"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. In the Red Hat context, impact is limited because typical OpenSSL consumers using higher-level EVP APIs are not affected. The flaw only manifests when applications directly call low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in hardware-accelerated builds. Additionally, TLS does not use OCB ciphersuites, and FIPS modules are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "RHBZ#2430381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls"
},
{
"cve": "CVE-2025-69419",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-01-16T14:21:52.793000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430386"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. An out-of-bounds write in OpenSSL\u0027s PKCS12_get_friendlyname() function can lead to denial of service or arbitrary code execution. Exploitation requires an application to parse a specially crafted malicious PKCS#12 file. Red Hat FIPS modules are not affected as the PKCS#12 implementation is outside the FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "RHBZ#2430386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, Red Hat recommends avoiding the processing of PKCS#12 files from untrusted or unverified sources. Applications that use the `PKCS12_get_friendlyname()` API should ensure that PKCS#12 files are only processed if they originate from trusted entities. Restricting the input sources for PKCS#12 files can significantly reduce the attack surface for this flaw.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing"
},
{
"cve": "CVE-2025-69420",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-01-16T14:21:53.497000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. A type confusion flaw in the TimeStamp Response verification code can lead to a Denial of Service when processing a specially crafted TimeStamp Response. Exploitation requires an application to call `TS_RESP_verify_response()` with a malformed response, and the TimeStamp protocol (RFC 3161) is not widely used. Red Hat FIPS modules are not affected as the TimeStamp Response implementation is outside the FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "RHBZ#2430388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response"
},
{
"cve": "CVE-2025-69421",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-01-16T14:21:53.845000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430387"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat because it requires an application to process a specially crafted, malformed PKCS#12 file, leading to a Denial of Service. The vulnerability is limited to a crash and cannot be escalated to achieve code execution or memory disclosure. Red Hat FIPS modules are not affected as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "RHBZ#2430387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing"
},
{
"cve": "CVE-2026-22795",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-01-16T14:21:53.146000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430389"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. An application processing a maliciously crafted PKCS#12 file can be caused to dereference an invalid or NULL pointer, resulting in a Denial of Service. In the Red Hat context, impact is limited as PKCS#12 files are typically used for trusted private keys and are not commonly accepted from untrusted sources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "RHBZ#2430389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430389"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing"
},
{
"cve": "CVE-2026-22796",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-01-16T14:43:21.598000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430390"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. A type confusion flaw in the legacy PKCS#7 API can lead to a Denial of Service when processing specially crafted PKCS#7 data. Exploitation requires an application to perform signature verification of malformed PKCS#7 data. Red Hat products utilizing the FIPS module are not affected as the PKCS#7 parsing is outside the module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "RHBZ#2430390",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430390"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T20:29:13+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat\nInsights proxy product RPM.\n\nBefore applying this update, make sure all previously released errata relevant to\nyour system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:975a1e501a8520df83f3f4114e72a71384ff1866ec99c7a45fffbf8c76ef5cbc_arm64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:ab86ba36e62e8aec5ba48e9e0076b1f8086c48157c85990be0e2ce3e03273016_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification"
}
]
}
RHSA-2026:2568
Vulnerability from csaf_redhat - Published: 2026-02-11 15:09 - Updated: 2026-02-11 16:03Summary
Red Hat Security Advisory: RHACS 4.9.3 security and bug fix update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details
See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2568",
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66564",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68428",
"url": "https://access.redhat.com/security/cve/CVE-2025-68428"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22029",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-493_release-notes-49",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-493_release-notes-49"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2568.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.9.3 security and bug fix update",
"tracking": {
"current_release_date": "2026-02-11T16:03:44+00:00",
"generator": {
"date": "2026-02-11T16:03:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:2568",
"initial_release_date": "2026-02-11T15:09:41+00:00",
"revision_history": [
{
"date": "2026-02-11T15:09:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-11T15:09:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T16:03:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security 4.9",
"product": {
"name": "Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Afdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Af5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769100379"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3A4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ab604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Aeffcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ab42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ac399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Abff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Af8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769100379"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Afe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ab88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769100379"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ad09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ae85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ab4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Af4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769100379"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Adea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ab6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Af630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ac1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769577723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ab57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Aec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770074713"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T15:09:41+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T15:09:41+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T15:09:41+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T15:09:41+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T15:09:41+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-66564",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:11.786030+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The Sigstore Timestamp Authority, a service for issuing RFC 3161 timestamps, is prone to excessive memory allocation. This occurs when processing untrusted OID payloads with many period characters or malformed Content-Type headers. An unauthenticated attacker could exploit this flaw to trigger a denial of service in affected Red Hat products that utilize this component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "RHBZ#2419054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421",
"url": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh",
"url": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh"
}
],
"release_date": "2025-12-04T22:37:13.307000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T15:09:41+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing"
},
{
"cve": "CVE-2025-68428",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2026-01-05T22:01:15.703824+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427236"
}
],
"notes": [
{
"category": "description",
"text": "jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Other affected methods are `addImage`, `html`, and `addFont`. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js` files. The vulnerability has been fixed in jsPDF@4.0.0. This version restricts file system access per default. This semver-major update does not introduce other breaking changes. Some workarounds areavailable. With recent node versions, jsPDF recommends using the `--permission` flag in production. The feature was introduced experimentally in v20.0.0 and is stable since v22.13.0/v23.5.0/v24.0.0. For older node versions, sanitize user-provided paths before passing them to jsPDF.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68428"
},
{
"category": "external",
"summary": "RHBZ#2427236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427236"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68428"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d",
"url": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2"
}
],
"release_date": "2026-01-05T21:43:55.169000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T15:09:41+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T15:09:41+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
},
{
"cve": "CVE-2026-22029",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-01-10T04:01:03.694749+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428412"
}
],
"notes": [
{
"category": "description",
"text": "React Router is a router for React. In @remix-run/router version prior to 1.23.2. and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect. There is no impact if Declarative Mode (\u003cBrowserRouter\u003e) is being used. This issue has been patched in @remix-run/router version 1.23.2 and react-router version 7.12.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "RHBZ#2428412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx",
"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx"
}
],
"release_date": "2026-01-10T02:42:32.736000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T15:09:41+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:883829bc4863879bfa6f1a73b18a7dca659a699664a3851f24e2b08cc15cf0e0_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:954a69b7fc21665057ef4de00d5a3fe1907cb6b3a02faa922d61ba9b9561ff85_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f4141ca6948e53983b0aef57965bed68be81db2ef84ca4fca597e3f5655ecd7d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fdc9b12b9ee45dd85e277f21f5219c8900b7c0a684090937a9a4cf69a3d22061_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:6ddaad689e2065044d8c13fed306f0d6051199b19689b12c4d60c785243cb3ee_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:709d85ccdd2c9ddde6c152a44356800cca972d655dc310f7fdf4307c52f34a73_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:9bdd97f707c4ce105262bd4891d9f644f4ede21005409251051e670045e61e37_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:f5bbdaab3899347f0199211c97f3643bc0aed644d7f2117b22bce1bb61ea7838_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:25bb4a371c5656d01a53060df46b7fbb5a287fe843c08581be69fb42ff5ec5dd_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:68ec422055d5c2bd25e891853a5871e57f2c3a175ccea404be52a84c5b470e8f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:896bba113fa4ba5eab3bc944d58f7492b55945e2802845edee9362b0682ab419_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dea9e54e863bb2694aec735efa084c60f0083f02f749388aaf872067629a4589_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:4293e169ce795c57143e5a37e0b909ba19d702d26830c749f960ce4ec77c0897_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2d7d654755857e5a164827f2bbc022d1c23f7229b4164faa5c61e852c1706800_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:817f1ffbf4d8917fdb02f33a5ffd72e16f73952897356cb4d21f1daf1b6e3d88_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9fd9a15845c8e2b663c502a15efb17f2bc3b3555eb513a7972ffe71f37654b9e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:b6764d281ee6620dbe9b825dc0d0f5e03bc1b2c1a440ccd28a159eb8cd3e2166_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52db816d2bddde50796a4a5ceb22a9a54fc72bd3b2c1564e7515d0cda2f6c0c1_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7a49b9e8ea59229abd9c73c7c0c89ca4e6ed4b30ff8c3b5867c7aaf861658bf2_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b604aabc30af38b467a1679352a1bf76297520d028ddde8555bcc920887641b3_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d09d170ce80d0e59bb67f64a31b26fef702d3d5d73b50d0475f92268f9d6f094_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:05ddda7a4ba49a18e5498d9ff8c3565f7a4abc96c985feec10887bb0c1b8aec3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:552b628dee91632aeae32b09add80d1293ff6210585ec1469e1181660ee626e9_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b42e39f651d32f6f3d52496904a6837571b41bd4f104164f7c7e53f7866f2e74_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f630b49b63c4c3e5a06f9fb96c16858af84baf0988386c11ed3f28a4a1d596b6_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:22b88e02a978be77ef7c104bb7ee7844630413b4bfd307ed2028ac7749ec4eaf_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4138b33646b5bb576c0f20fb2b436e8f4afb214201fb0c4e0223cdaf22bdb98d_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c399ab5c8f1c0702788c49bd02cdc3495e44ae777c5e89771798eff2ac32c96e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e85ca69d5d3e49fbd27f6f933460ec8c91ff5a02db9fcffbc6df56ab8365e05c_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5f83884b0a2b48f34e14b949f43e68ad4b99cb8d228bec74b5126b89cc007808_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:60ec86b8361ab04a7ab167079e7ba62ca091596ce21bf62904d358b9e23d7576_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:effcbf4f105173a4725b450706db3297b77bcfd4a9d7b0b9f7b2f8a88436a50c_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fe930290f16d00ea10ed532739267ea1e5e2d71981405462f7ccdfb0e687dd5a_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0456c738acfa45201b2575099cb9347e653eb236b8dfaae076c79dcacbfcbf05_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5bc76aef177b4d7d13712e680a6a89771982b550316e44053c1f46fd053506da_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bff622e8cdc9fa5f697816e1f8aaa86a1dd12bf018906257403907f8896dc649_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fb03f17968db99962f6cea11dd288fd0101bc9b8168cd296c148b451dab6d7_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4a35cd2f60df70215a8344cbb2ba17c36856a0e59dbf0b4e26c63834968c791c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b4232e6ba47868e601e14b219730d272ca953065c7bd998ed5266238d13eb71a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ec5aa99bc9c1fdc57be287f9402cbcdd31274eeac7bc158615c0c61a9fa7f3fe_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f8412ae382a83aa6be858ead781b6303cfa39c2574800ca181d62355c023ef6b_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f5f88357d4d95c1ffa397cbc346bf9f5dc2db8f4e5579abad88c0ad2963d162_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5c3f41025d90f9288ddc2e6f749ecf9765e6489184acd7532d0d2f3e476473f3_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b57d042b045f2600dbd6e446c0c651b1ae0a85158077bd52cd0b76616bb95230_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b88a4d77f26b9f230d8abbc06aa0a3a1cde6df903a6ef797ee18efb81e2674ac_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects"
}
]
}
RHSA-2026:1677
Vulnerability from csaf_redhat - Published: 2026-02-02 07:37 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1677",
"url": "https://access.redhat.com/errata/RHSA-2026:1677"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1677.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:27+00:00",
"generator": {
"date": "2026-02-11T15:13:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1677",
"initial_release_date": "2026-02-02T07:37:37+00:00",
"revision_history": [
{
"date": "2026-02-02T07:37:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T07:37:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.22-5.el7_9.1.src",
"product": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.src",
"product_id": "gnupg2-0:2.0.22-5.el7_9.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.22-5.el7_9.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"product": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"product_id": "gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.22-5.el7_9.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.22-5.el7_9.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"product_id": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.22-5.el7_9.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"product": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"product_id": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.22-5.el7_9.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.22-5.el7_9.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"product_id": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.22-5.el7_9.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"product": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"product_id": "gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.22-5.el7_9.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"product_id": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.22-5.el7_9.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"product": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"product_id": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.22-5.el7_9.1?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.22-5.el7_9.1.s390x",
"product": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.s390x",
"product_id": "gnupg2-0:2.0.22-5.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.22-5.el7_9.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.22-5.el7_9.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"product_id": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.22-5.el7_9.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.src as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.src"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.src",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.src as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.src"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.src",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T07:37:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1677"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1858
Vulnerability from csaf_redhat - Published: 2026-02-03 17:17 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: Red Hat Ceph Storage
Notes
Topic
A new version of Red Hat build of Ceph Storage has been released
Details
The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 7.1.
This release updates to the latest version.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new version of Red Hat build of Ceph Storage has been released",
"title": "Topic"
},
{
"category": "general",
"text": "The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 7.1.\nThis release updates to the latest version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1858",
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-45582",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6069",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61984",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61985",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8291",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/",
"url": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1858.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage",
"tracking": {
"current_release_date": "2026-02-11T15:13:31+00:00",
"generator": {
"date": "2026-02-11T15:13:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1858",
"initial_release_date": "2026-02-03T17:17:26+00:00",
"revision_history": [
{
"date": "2026-02-03T17:17:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-03T17:17:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ceph Storage 7",
"product": {
"name": "Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:7::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769511650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Aeda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769514555"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769513068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3A7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769508455"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3Afb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512818"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ace94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ad87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769511650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769514555"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Ac8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769513068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3A7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769508455"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512818"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769511650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Af40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769514555"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Ad2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769513068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3A72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769508455"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512818"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6069",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2025-06-17T14:00:45.339399+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373234"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service (DoS) vulnerability has been discovered in Python\u0027s html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Python HTMLParser quadratic complexity",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "RHBZ#2373234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949",
"url": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41",
"url": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b",
"url": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135462",
"url": "https://github.com/python/cpython/issues/135462"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135464",
"url": "https://github.com/python/cpython/pull/135464"
}
],
"release_date": "2025-06-17T13:39:46.058000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Python HTMLParser quadratic complexity"
},
{
"cve": "CVE-2025-8291",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2025-10-07T19:01:23.599055+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402342"
}
],
"notes": [
{
"category": "description",
"text": "The \u0027zipfile\u0027 module would not check the validity of the ZIP64 End of\nCentral Directory (EOCD) Locator record offset value would not be used to\nlocate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be\nassumed to be the previous record in the ZIP archive. This could be abused\nto create ZIP archives that are handled differently by the \u0027zipfile\u0027 module\ncompared to other ZIP implementations.\n\n\nRemediation maintains this behavior, but checks that the offset specified\nin the ZIP64 EOCD Locator record matches the expected value.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "RHBZ#2402342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267",
"url": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6",
"url": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/139700",
"url": "https://github.com/python/cpython/issues/139700"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/139702",
"url": "https://github.com/python/cpython/pull/139702"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/"
}
],
"release_date": "2025-10-07T18:10:05.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked"
},
{
"cve": "CVE-2025-45582",
"cwe": {
"id": "CWE-24",
"name": "Path Traversal: \u0027../filedir\u0027"
},
"discovery_date": "2025-07-11T17:00:47.340822+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379592"
}
],
"notes": [
{
"category": "description",
"text": "A relative path traversal flaw was found in the gnu tar utility. When archives with relative paths are extracted without the \u2018--keep-old-files\u2019 (\u2018-k\u2019), the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to the operation of some service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tar: Tar path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "RHBZ#2379592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379592"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md",
"url": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/",
"url": "https://www.gnu.org/software/tar/"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity",
"url": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity"
}
],
"release_date": "2025-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tar: Tar path traversal"
},
{
"cve": "CVE-2025-61984",
"cwe": {
"id": "CWE-159",
"name": "Improper Handling of Invalid Use of Special Elements"
},
"discovery_date": "2025-10-06T19:01:13.449665+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401960"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because it is a critical component used across many Red Hat products.\nThe issue occurs only when a ProxyCommand is configured and the SSH client handles a username containing control characters from an untrusted source, such as script-generated input or expanded configuration values.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "RHBZ#2401960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-61985",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2025-10-06T19:01:16.841946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401962"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows the \u0027\\0\u0027 character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because it is a critical component used across many Red Hat products.\nExploiting this vulnerability would require a specific configuration where ProxyCommand is enabled and the SSH client processes an untrusted ssh:// URI containing null bytes. Under these conditions, the command parser may misinterpret the URI and execute unintended shell commands.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "RHBZ#2401962",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401962"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1014
Vulnerability from csaf_redhat - Published: 2026-01-22 15:48 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1014",
"url": "https://access.redhat.com/errata/RHSA-2026:1014"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1014.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:18+00:00",
"generator": {
"date": "2026-02-11T15:13:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1014",
"initial_release_date": "2026-01-22T15:48:38+00:00",
"revision_history": [
{
"date": "2026-01-22T15:48:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-22T15:48:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.4::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-2.el8_4.1.src",
"product": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.src",
"product_id": "gnupg2-0:2.2.20-2.el8_4.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-2.el8_4.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"product": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"product_id": "gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-2.el8_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"product_id": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-2.el8_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-2.el8_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-2.el8_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-2.el8_4.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.src as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.src"
},
"product_reference": "gnupg2-0:2.2.20-2.el8_4.1.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.src as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.src"
},
"product_reference": "gnupg2-0:2.2.20-2.el8_4.1.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T15:48:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1014"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1468
Vulnerability from csaf_redhat - Published: 2026-01-28 07:58 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1468",
"url": "https://access.redhat.com/errata/RHSA-2026:1468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1468.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:23+00:00",
"generator": {
"date": "2026-02-11T15:13:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1468",
"initial_release_date": "2026-01-28T07:58:16+00:00",
"revision_history": [
{
"date": "2026-01-28T07:58:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-28T07:58:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.9-1.el8_2.1.src",
"product": {
"name": "gnupg2-0:2.2.9-1.el8_2.1.src",
"product_id": "gnupg2-0:2.2.9-1.el8_2.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.9-1.el8_2.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"product": {
"name": "gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"product_id": "gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.9-1.el8_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"product_id": "gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.9-1.el8_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.9-1.el8_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.9-1.el8_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.9-1.el8_2.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.9-1.el8_2.1.src as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.src"
},
"product_reference": "gnupg2-0:2.2.9-1.el8_2.1.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.9-1.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T07:58:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1468"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1629
Vulnerability from csaf_redhat - Published: 2026-02-02 01:57 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1629",
"url": "https://access.redhat.com/errata/RHSA-2026:1629"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1629.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:30+00:00",
"generator": {
"date": "2026-02-11T15:13:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1629",
"initial_release_date": "2026-02-02T01:57:21+00:00",
"revision_history": [
{
"date": "2026-02-02T01:57:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T01:57:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"product_id": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-2.el10_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-2.el10_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-2.el10_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-2.el10_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"product": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"product_id": "gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-2.el10_0.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"product_id": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-2.el10_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-2.el10_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-2.el10_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-2.el10_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"product": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"product_id": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-2.el10_0.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"product_id": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-2.el10_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"product_id": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-2.el10_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-2.el10_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-2.el10_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-2.el10_0.1.s390x",
"product": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.s390x",
"product_id": "gnupg2-0:2.4.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-2.el10_0.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"product_id": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-2.el10_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-2.el10_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-2.el10_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-2.el10_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"product": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"product_id": "gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-2.el10_0.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-2.el10_0.1.src",
"product": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.src",
"product_id": "gnupg2-0:2.4.5-2.el10_0.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-2.el10_0.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.src",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T01:57:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1629"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1859
Vulnerability from csaf_redhat - Published: 2026-02-03 17:24 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update
Notes
Topic
An updated OpenShift Compliance Operator image that fixes various bugs and adds new
enhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.
Details
The OpenShift Compliance Operator v1.8.2 is now available.
See the documentation for bug fix information:
https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/security_and_compliance/compliance-operator#compliance-operator-release-notes
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated OpenShift Compliance Operator image that fixes various bugs and adds new\nenhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.",
"title": "Topic"
},
{
"category": "general",
"text": "The OpenShift Compliance Operator v1.8.2 is now available.\nSee the documentation for bug fix information:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/security_and_compliance/compliance-operator#compliance-operator-release-notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1859",
"url": "https://access.redhat.com/errata/RHSA-2026:1859"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1859.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-02-11T15:13:31+00:00",
"generator": {
"date": "2026-02-11T15:13:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1859",
"initial_release_date": "2026-02-03T17:24:45+00:00",
"revision_history": [
{
"date": "2026-02-03T17:24:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-03T17:24:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Compliance Operator 1",
"product": {
"name": "Compliance Operator 1",
"product_id": "Compliance Operator 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_compliance_operator:1::el9"
}
}
}
],
"category": "product_family",
"name": "Compliance Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-operator-bundle@sha256%3Addc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769512879"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3A1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3Ab28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3Ac49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3Ab91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3Ac3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3Ac630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3A05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3A68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3A20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3Ad4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3A050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3A281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3Aeba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3A616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3A381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3A1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"relates_to_product_reference": "Compliance Operator 1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
],
"known_not_affected": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:24:45+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1859"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:2350
Vulnerability from csaf_redhat - Published: 2026-02-09 15:50 - Updated: 2026-02-11 16:03Summary
Red Hat Security Advisory: RHACS 4.9.3 security and bug fix update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details
See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2350",
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66564",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68428",
"url": "https://access.redhat.com/security/cve/CVE-2025-68428"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22029",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-493_release-notes-49",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-493_release-notes-49"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2350.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.9.3 security and bug fix update",
"tracking": {
"current_release_date": "2026-02-11T16:03:41+00:00",
"generator": {
"date": "2026-02-11T16:03:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:2350",
"initial_release_date": "2026-02-09T15:50:42+00:00",
"revision_history": [
{
"date": "2026-02-09T15:50:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-09T15:50:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T16:03:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security 4.9",
"product": {
"name": "Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Acfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769065259"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Ad8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Abaa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ae2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ae9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ac1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Aa75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Acf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Ad63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769065259"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ae87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Abd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ad9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Aa3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ade3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769065259"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Af49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ae5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Abe9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769065259"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ad9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Adb417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769492398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ac916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1770250889"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64 as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x as a component of Red Hat Advanced Cluster Security 4.9",
"product_id": "Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T15:50:42+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T15:50:42+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T15:50:42+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T15:50:42+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T15:50:42+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-66564",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:11.786030+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The Sigstore Timestamp Authority, a service for issuing RFC 3161 timestamps, is prone to excessive memory allocation. This occurs when processing untrusted OID payloads with many period characters or malformed Content-Type headers. An unauthenticated attacker could exploit this flaw to trigger a denial of service in affected Red Hat products that utilize this component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "RHBZ#2419054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421",
"url": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh",
"url": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh"
}
],
"release_date": "2025-12-04T22:37:13.307000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T15:50:42+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing"
},
{
"cve": "CVE-2025-68428",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2026-01-05T22:01:15.703824+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427236"
}
],
"notes": [
{
"category": "description",
"text": "jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Other affected methods are `addImage`, `html`, and `addFont`. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js` files. The vulnerability has been fixed in jsPDF@4.0.0. This version restricts file system access per default. This semver-major update does not introduce other breaking changes. Some workarounds areavailable. With recent node versions, jsPDF recommends using the `--permission` flag in production. The feature was introduced experimentally in v20.0.0 and is stable since v22.13.0/v23.5.0/v24.0.0. For older node versions, sanitize user-provided paths before passing them to jsPDF.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68428"
},
{
"category": "external",
"summary": "RHBZ#2427236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427236"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68428"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d",
"url": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2"
}
],
"release_date": "2026-01-05T21:43:55.169000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T15:50:42+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T15:50:42+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
},
{
"cve": "CVE-2026-22029",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-01-10T04:01:03.694749+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428412"
}
],
"notes": [
{
"category": "description",
"text": "React Router is a router for React. In @remix-run/router version prior to 1.23.2. and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect. There is no impact if Declarative Mode (\u003cBrowserRouter\u003e) is being used. This issue has been patched in @remix-run/router version 1.23.2 and react-router version 7.12.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "RHBZ#2428412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx",
"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx"
}
],
"release_date": "2026-01-10T02:42:32.736000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T15:50:42+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:0b85460655f6f540e6278f5bd08e6c52ea3a3e4acb54a79d524247227f5e9d7c_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:294c8f3d3cce71c22e6bde11783c04fa5db2ae19ad2a741c418005faa41da67a_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:4efd0780d62b6dddbd5eef4ae8c1620b8e72dfa1551d89e8c9b281ed50afc2f9_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:cf5beedfa9139034d92f170115321be8f442b152628f1c91841a1be1cadfda33_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0115106585032e52bedca4443f008c755c3fbc5e4fdf4f4be974cb6be9345b86_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:32faefcdb174ed2e92291cc075ab321e8fa462fcbd951e7edaa019011e87ccad_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:cfb6a722aa6ede9218d9d7a28c7aae1b1455bc0ba5a41ba488e95ee504cccd70_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:d63ab6fcf507a4dc7c38df369111c44725ffdc3384840cd7cfbb89fe216af914_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:01d01a649ed0c466925ebdfc7e632c7c01f0e59ef5d764d2f2dcf51f355b68ec_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1324d938cf5047df9125eb4bf6a9565fc4443b62c24e34494c1f57d1f8b5bdb1_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:e87ce042d9afb90c643de99cfaa98314230a2d9a01ad1230cd0596413991f4f5_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f49305d1e529f1be7d213f548cc6d49d958ff578eb4e41320250634497a1dfb2_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:d8111014ef89a6679f19c48888189ddff4e3bb4269d1ccd09c7114ba6e5360d6_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1dceed562203416b6d853e66402a2ec69370a53cc119953aeb442288ecebfa4f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1e9116742efaed46b4b93ba1ff8eb026ffa5bbe5146690d020389b95bec77051_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:6f0060cfb71c9ee2788f2bcebd1d9aa40e337c10921a4c631c0119c80721b539_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:d9c49f3d6b2d8ec68784c59bf75810bd4290f4118eb7e512fd6150193600abc4_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0f27626c8a671458174b6a3dc08268ec13f1b1ce297ca26b085a5799971470d6_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:92cc9e13e92ad25bc2ca62705136be35b16699d1ddc9c8f5653cfb7b9e9f9e72_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:96ba7c71703db09c15f1633d2b5c14a22231a6f87fffacb639542f4ad2429551_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:baa02b25c952aa9e463fdd8bde3ae196621ca09cabd508b9638a82c528b6acda_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:34d1530a0759075f9a6d7cb31d45efac05575e0db2ea43adc3379f24b1524060_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50a2768f8ffcbdc15ed719eb6e5c08da0a9e31b2f17c77cf0b305c4f3d5d8135_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d9662472c1cd18a4a0ec5103b30cb7576ae926d43ed290c88586a9304d01d3c3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e2d7323de0313fc7e498791d2294fe4c46448638753349002dfa0e16580f9435_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:44c28896965619b9b4804dd9099303f076533dd664766cff932ca27a9b3b2805_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7830f4f7b3673034dacbe1d48daf493afc3282fd1509b12b2e8d7716179c036b_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:83b76afb22949a7488a6480e16810b74136e395380a5f2050e2f2419aa90a337_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e9b1465496174394f2e54facebca1f1d0cd6dc54ddb0a82265b3feddd3d1867e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:249ae5abf72f255ec0b9152df39a5b2bd270df420bb585ca390e5c7dbdc4b5af_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bd07e7aa5ab8f4419cfe29872bc99d6bca1fe5c73034633ec371b1f1ff59d66c_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:db417ef9da0ec483035d4545ca5a3728682435458daf12ed0500a08430a4680f_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e5e8360e4078c425988ac07bc24860e5361b6e119f5fa54370d0775a60da0f9d_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4b8ecf8d2f99224d7272b1749b7b89f8bdeb5d23458302809a06aab6fa91b553_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a1888b71a59b083571620531fe473b9b042fc7aab0d99ec2e0b184f3101c25f_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be9caac01f90306f9e645ae9981b34642434d08fc5259c302a369c1675224f29_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c1fd4368e9067519644039006f494c391d65e59d45abc981707a886a17829cdc_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6772a5c3a85b279176346e893e3ed08498861ee31495c32236dab20a95392871_s390x",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7a3f81bbda7dc41d40b2f192e99b8ba4088fcac383e70ba9591d1da074be108e_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a75bba630478e2466c371b78ffce02ad116cc872bbe78624cd3438e45f47f93e_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de3478fd6fbd75bd4a428241e6792eefd166f7f0a38ce45b7994cb51d284f010_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:461fee74ff86feaf21bda5d170975b185758cb891307e8e5e5930985a2191307_amd64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9848a4f71fd2bfdc2a22a338a253875f3073777c0d5d5f70b88429d8d4459fdf_ppc64le",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a3cfe3a06fadbe73d8a12e84beb504c9204e34f52af459c30d4e72a2b0a411e3_arm64",
"Red Hat Advanced Cluster Security 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c916f911c1ff8a7991f46dc850d014db42872acfc74e6ea0f6880336b066a6e3_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects"
}
]
}
RHSA-2026:1736
Vulnerability from csaf_redhat - Published: 2026-02-02 17:31 - Updated: 2026-02-11 16:04Summary
Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage
Notes
Topic
A Subscription Management tool for finding and reporting Red Hat product usage
Details
Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds,
identifies, and reports environment data, or facts, such as the number of physical and virtual
systems on a network, their operating systems, and relevant configuration data stored within
them. Discovery also identifies and reports more detailed facts for some versions of key
Red Hat packages and products that it finds in the network.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A Subscription Management tool for finding and reporting Red Hat product usage",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds,\nidentifies, and reports environment data, or facts, such as the number of physical and virtual\nsystems on a network, their operating systems, and relevant configuration data stored within\nthem. Discovery also identifies and reports more detailed facts for some versions of key\nRed Hat packages and products that it finds in the network.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1736",
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-11187",
"url": "https://access.redhat.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12084",
"url": "https://access.redhat.com/security/cve/CVE-2025-12084"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12818",
"url": "https://access.redhat.com/security/cve/CVE-2025-12818"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13601",
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13836",
"url": "https://access.redhat.com/security/cve/CVE-2025-13836"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15467",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15468",
"url": "https://access.redhat.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15469",
"url": "https://access.redhat.com/security/cve/CVE-2025-15469"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66199",
"url": "https://access.redhat.com/security/cve/CVE-2025-66199"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68160",
"url": "https://access.redhat.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69418",
"url": "https://access.redhat.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69419",
"url": "https://access.redhat.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69420",
"url": "https://access.redhat.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69421",
"url": "https://access.redhat.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9086",
"url": "https://access.redhat.com/security/cve/CVE-2025-9086"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22795",
"url": "https://access.redhat.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22796",
"url": "https://access.redhat.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery",
"url": "https://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1736.json"
}
],
"title": "Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage",
"tracking": {
"current_release_date": "2026-02-11T16:04:36+00:00",
"generator": {
"date": "2026-02-11T16:04:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1736",
"initial_release_date": "2026-02-02T17:31:06+00:00",
"revision_history": [
{
"date": "2026-02-02T17:31:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T17:31:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T16:04:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Discovery 2",
"product": {
"name": "Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:discovery:2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Discovery"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"product": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"product_id": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256%3Ad4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448?arch=amd64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1769104765"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"product": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"product_id": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256%3A26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6?arch=amd64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1769111774"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"product": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"product_id": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256%3A519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8?arch=arm64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1769104765"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64",
"product": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64",
"product_id": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256%3A4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd?arch=arm64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1769111774"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64"
},
"product_reference": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
},
"product_reference": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64"
},
"product_reference": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
},
"product_reference": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64",
"relates_to_product_reference": "Red Hat Discovery 2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9086",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-12T06:01:02.244669+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2394750"
}
],
"notes": [
{
"category": "description",
"text": "1. A cookie is set using the `secure` keyword for `https://target` \n 2. curl is redirected to or otherwise made to speak with `http://target` (same \n hostname, but using clear text HTTP) using the same cookie set \n 3. The same cookie name is set - but with just a slash as path (`path=\\\"/\\\",`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: libcurl: Curl out of bounds read for cookie path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9086"
},
{
"category": "external",
"summary": "RHBZ#2394750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2025-9086.html",
"url": "https://curl.se/docs/CVE-2025-9086.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2025-9086.json",
"url": "https://curl.se/docs/CVE-2025-9086.json"
},
{
"category": "external",
"summary": "https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6",
"url": "https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3294999",
"url": "https://hackerone.com/reports/3294999"
}
],
"release_date": "2025-09-12T05:10:03.815000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: libcurl: Curl out of bounds read for cookie path"
},
{
"cve": "CVE-2025-11187",
"cwe": {
"id": "CWE-233",
"name": "Improper Handling of Parameters"
},
"discovery_date": "2026-01-16T14:21:50.559000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430375"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. It affects OpenSSL versions 3.6, 3.5, and 3.4, where improper validation of PBMAC1 parameters in PKCS#12 MAC verification can lead to a stack buffer overflow or NULL pointer dereference. Exploitation requires an application to process a maliciously crafted PKCS#12 file, which is uncommon as these files are typically trusted. OpenSSL versions 3.3, 3.0, 1.1.1, and 1.0.2 are not affected as they do not support PBMAC1 in PKCS#12.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "RHBZ#2430375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430375"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid processing untrusted PKCS#12 files. Applications should only handle PKCS#12 files from trusted sources, as these files are typically used for storing private keys and are expected to be secure.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file"
},
{
"cve": "CVE-2025-12084",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-03T19:01:03.489250+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418655"
}
],
"notes": [
{
"category": "description",
"text": "When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products as it can lead to a denial of service. The flaw exists in the `xml.dom.minidom` module of cpython, where a quadratic algorithm in methods like `appendChild()` can be triggered when processing excessively nested XML documents. When successfully exploited this may impact the availability of applications utilizing this functionality across affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12084"
},
{
"category": "external",
"summary": "RHBZ#2418655",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418655"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12084",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12084"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/142145",
"url": "https://github.com/python/cpython/issues/142145"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/142146",
"url": "https://github.com/python/cpython/pull/142146"
}
],
"release_date": "2025-12-03T18:55:32.222000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service"
},
{
"cve": "CVE-2025-12818",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-11-13T14:01:22.870197+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414826"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in PostgreSQL\u2019s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application segmentation fault or crash when using libpq to connect to a PostgreSQL server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: libpq: libpq undersizes allocations, via integer wraparound",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated Moderate severity by Red Hat Product Security, even though it carries a High CVSS v3.1 score. The flaw resides in the libpq client library and can be triggered when a client receives specially crafted PostgreSQL protocol data that causes an integer wraparound and an out-of-bounds write. The attack complexity is Low because the malformed protocol message is processed immediately during connection, with no timing or environmental conditions required. However, the impact is limited to a denial of service of the client application only. As a result, Red Hat classifies the overall product impact as Moderate, reflecting that the flaw can interrupt client availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12818"
},
{
"category": "external",
"summary": "RHBZ#2414826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12818",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12818"
},
{
"category": "external",
"summary": "https://www.postgresql.org/support/security/CVE-2025-12818/",
"url": "https://www.postgresql.org/support/security/CVE-2025-12818/"
}
],
"release_date": "2025-11-13T13:00:12.911000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: libpq: libpq undersizes allocations, via integer wraparound"
},
{
"cve": "CVE-2025-13601",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-11-24T12:49:28.274000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416741"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glib: Integer overflow in in g_escape_uri_string()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
},
{
"category": "external",
"summary": "RHBZ#2416741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827",
"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914",
"url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914"
}
],
"release_date": "2025-11-24T13:00:15.295000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glib: Integer overflow in in g_escape_uri_string()"
},
{
"cve": "CVE-2025-13836",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-01T19:01:03.091899+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into memory, potentially causing memory allocations errors, swapping, out-of-memory conditions or even system freezes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Excessive read buffering DoS in http.client",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue can only be exploited by Python applications using the http.client.HTTPResponse.read function without the amount parameter, which specifies the read size in bytes. Note that Python libraries may use this function internally and make applications vulnerable. Additionally, vulnerable Python applications must connect to a malicious or compromised server that replies with a very large or crafted Content-Length header to trigger this issue, limiting the exposure of this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13836"
},
{
"category": "external",
"summary": "RHBZ#2418078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13836",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13836"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/119451",
"url": "https://github.com/python/cpython/issues/119451"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/119454",
"url": "https://github.com/python/cpython/pull/119454"
}
],
"release_date": "2025-12-01T18:02:38.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Since this vulnerability is triggered when no read amount is specified and the client defaults to using the potentially malicious Content-Length header, developers can mitigate this issue in their code by always imposing an explicit, safe limit on data reads.\n\nApplications using the http.client.HTTPResponse.read function directly can ensure that read operations specify a byte limit:\n\n~~~\n...\nmax_safe_read = 10 * 1024 * 1024\ndata = response.read(max_safe_read)\n...\n~~~",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Excessive read buffering DoS in http.client"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
},
{
"cve": "CVE-2025-15468",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-01-16T14:21:51.062000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430377"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The NULL pointer dereference in the `SSL_CIPHER_find()` function, affecting OpenSSL versions 3.3, 3.4, 3.5, and 3.6, occurs only when applications utilizing the QUIC protocol uncommonly invoke this function from the `client_hello_cb` callback with an unknown cipher ID. This specific usage pattern and the resulting Denial of Service limit the overall impact in the Red Hat context.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "RHBZ#2430377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430377"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling"
},
{
"cve": "CVE-2025-15469",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-01-16T14:21:51.411000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The flaw affects the `openssl dgst` command-line tool when used with one-shot algorithms (such as Ed25519, Ed448, or ML-DSA) on files larger than 16MB. Impact is limited as it requires both signing and verification to be performed using the affected command, and verifiers using library APIs are not impacted.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15469"
},
{
"category": "external",
"summary": "RHBZ#2430378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid using the `openssl dgst` command with one-shot algorithms (such as Ed25519, Ed448, or ML-DSA) for files larger than 16MB. Instead, utilize streaming digest algorithms with `openssl dgst` or use library APIs for signing and verification, as these are not affected by the truncation vulnerability. Users should ensure that input files for one-shot signing/verification with `openssl dgst` do not exceed 16MB.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation"
},
{
"cve": "CVE-2025-66199",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-16T14:21:51.739000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. The flaw in OpenSSL 3.3, 3.4, 3.5, and 3.6 allows an attacker to cause excessive memory allocation during TLS 1.3 handshake with certificate compression, potentially leading to a Denial of Service. This affects both clients and servers in mutual TLS scenarios where certificate compression is negotiated. Servers not requesting client certificates are not vulnerable to client-initiated attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66199"
},
{
"category": "external",
"summary": "RHBZ#2430379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the reception of compressed certificates by setting the SSL_OP_NO_RX_CERTIFICATE_COMPRESSION option in OpenSSL configurations. This will prevent the vulnerable code path from being exercised.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-68160",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-16T14:21:52.088000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430380"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The `BIO_f_linebuffer` filter, where this heap out-of-bounds write occurs, is not used by default in TLS/SSL data paths within Red Hat products. Exploitation requires third-party applications to explicitly use this filter with a BIO chain that can short-write and process large, newline-free data influenced by an attacker, which is an unlikely scenario under attacker control. Red Hat FIPS modules are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "RHBZ#2430380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430380"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
},
{
"cve": "CVE-2025-69418",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2026-01-16T14:21:52.438000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430381"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. In the Red Hat context, impact is limited because typical OpenSSL consumers using higher-level EVP APIs are not affected. The flaw only manifests when applications directly call low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in hardware-accelerated builds. Additionally, TLS does not use OCB ciphersuites, and FIPS modules are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "RHBZ#2430381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls"
},
{
"cve": "CVE-2025-69419",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-01-16T14:21:52.793000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430386"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. An out-of-bounds write in OpenSSL\u0027s PKCS12_get_friendlyname() function can lead to denial of service or arbitrary code execution. Exploitation requires an application to parse a specially crafted malicious PKCS#12 file. Red Hat FIPS modules are not affected as the PKCS#12 implementation is outside the FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "RHBZ#2430386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, Red Hat recommends avoiding the processing of PKCS#12 files from untrusted or unverified sources. Applications that use the `PKCS12_get_friendlyname()` API should ensure that PKCS#12 files are only processed if they originate from trusted entities. Restricting the input sources for PKCS#12 files can significantly reduce the attack surface for this flaw.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing"
},
{
"cve": "CVE-2025-69420",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-01-16T14:21:53.497000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. A type confusion flaw in the TimeStamp Response verification code can lead to a Denial of Service when processing a specially crafted TimeStamp Response. Exploitation requires an application to call `TS_RESP_verify_response()` with a malformed response, and the TimeStamp protocol (RFC 3161) is not widely used. Red Hat FIPS modules are not affected as the TimeStamp Response implementation is outside the FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "RHBZ#2430388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response"
},
{
"cve": "CVE-2025-69421",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-01-16T14:21:53.845000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430387"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat because it requires an application to process a specially crafted, malformed PKCS#12 file, leading to a Denial of Service. The vulnerability is limited to a crash and cannot be escalated to achieve code execution or memory disclosure. Red Hat FIPS modules are not affected as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "RHBZ#2430387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-22795",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-01-16T14:21:53.146000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430389"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. An application processing a maliciously crafted PKCS#12 file can be caused to dereference an invalid or NULL pointer, resulting in a Denial of Service. In the Red Hat context, impact is limited as PKCS#12 files are typically used for trusted private keys and are not commonly accepted from untrusted sources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "RHBZ#2430389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430389"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing"
},
{
"cve": "CVE-2026-22796",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-01-16T14:43:21.598000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430390"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. A type confusion flaw in the legacy PKCS#7 API can lead to a Denial of Service when processing specially crafted PKCS#7 data. Exploitation requires an application to perform signature verification of malformed PKCS#7 data. Red Hat products utilizing the FIPS module are not affected as the PKCS#7 parsing is outside the module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "RHBZ#2430390",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430390"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T17:31:06+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:519d4fe184cebe5152f840e9f609fa4705590656ac9bcace2e2e17622ab7e6a8_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4d6cd6b1a84587ee851c4f76b47c1e6bf9f597f4a476c34e4a257cd1a860448_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:26bb49a8e2e695d61192f04eb0db63efa8210bba20ea22b60e4e22d519d8b9e6_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:4ba29e3e7565cfdfdedcc558bc8495398cee07742fda133b0bc04fd657b908cd_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification"
}
]
}
RHSA-2026:1705
Vulnerability from csaf_redhat - Published: 2026-02-02 11:41 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1705",
"url": "https://access.redhat.com/errata/RHSA-2026:1705"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1705.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:27+00:00",
"generator": {
"date": "2026-02-11T15:13:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1705",
"initial_release_date": "2026-02-02T11:41:03+00:00",
"revision_history": [
{
"date": "2026-02-02T11:41:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T11:41:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_2.1.src",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.src",
"product_id": "gnupg2-0:2.3.3-2.el9_2.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_2.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"product_id": "gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_2.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"product_id": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_2.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"product_id": "gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_2.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_2.1.s390x",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.s390x",
"product_id": "gnupg2-0:2.3.3-2.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_2.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.src",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T11:41:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1705"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:0697
Vulnerability from csaf_redhat - Published: 2026-01-15 11:30 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0697",
"url": "https://access.redhat.com/errata/RHSA-2026:0697"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0697.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:13+00:00",
"generator": {
"date": "2026-02-11T15:13:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:0697",
"initial_release_date": "2026-01-15T11:30:44+00:00",
"revision_history": [
{
"date": "2026-01-15T11:30:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-15T11:30:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"product_id": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-3.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"product_id": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-3.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-3.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-3.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-3.el10_1.aarch64",
"product": {
"name": "gnupg2-0:2.4.5-3.el10_1.aarch64",
"product_id": "gnupg2-0:2.4.5-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-3.el10_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"product_id": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-3.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-3.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-3.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-3.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-3.el10_1.ppc64le",
"product": {
"name": "gnupg2-0:2.4.5-3.el10_1.ppc64le",
"product_id": "gnupg2-0:2.4.5-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-3.el10_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"product": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"product_id": "gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-3.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"product_id": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-3.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"product_id": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-3.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-3.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-3.el10_1.s390x",
"product": {
"name": "gnupg2-0:2.4.5-3.el10_1.s390x",
"product_id": "gnupg2-0:2.4.5-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-3.el10_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"product_id": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-3.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"product_id": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-3.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-3.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-3.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-3.el10_1.x86_64",
"product": {
"name": "gnupg2-0:2.4.5-3.el10_1.x86_64",
"product_id": "gnupg2-0:2.4.5-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-3.el10_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-3.el10_1.src",
"product": {
"name": "gnupg2-0:2.4.5-3.el10_1.src",
"product_id": "gnupg2-0:2.4.5-3.el10_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-3.el10_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.src as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.src",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T11:30:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0697"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:0728
Vulnerability from csaf_redhat - Published: 2026-01-15 21:34 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0728",
"url": "https://access.redhat.com/errata/RHSA-2026:0728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0728.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:15+00:00",
"generator": {
"date": "2026-02-11T15:13:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:0728",
"initial_release_date": "2026-01-15T21:34:05+00:00",
"revision_history": [
{
"date": "2026-01-15T21:34:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-15T21:34:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-4.el8_10.src",
"product": {
"name": "gnupg2-0:2.2.20-4.el8_10.src",
"product_id": "gnupg2-0:2.2.20-4.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-4.el8_10.aarch64",
"product": {
"name": "gnupg2-0:2.2.20-4.el8_10.aarch64",
"product_id": "gnupg2-0:2.2.20-4.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"product": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"product_id": "gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-4.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"product_id": "gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-4.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product_id": "gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-4.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-4.el8_10?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-4.el8_10.ppc64le",
"product": {
"name": "gnupg2-0:2.2.20-4.el8_10.ppc64le",
"product_id": "gnupg2-0:2.2.20-4.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"product_id": "gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-4.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"product_id": "gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-4.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-4.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-4.el8_10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-4.el8_10.x86_64",
"product": {
"name": "gnupg2-0:2.2.20-4.el8_10.x86_64",
"product_id": "gnupg2-0:2.2.20-4.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"product": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"product_id": "gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-4.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"product_id": "gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-4.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product_id": "gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-4.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-4.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-4.el8_10.s390x",
"product": {
"name": "gnupg2-0:2.2.20-4.el8_10.s390x",
"product_id": "gnupg2-0:2.2.20-4.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"product": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"product_id": "gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-4.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"product_id": "gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-4.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"product_id": "gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-4.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-4.el8_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-4.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.aarch64"
},
"product_reference": "gnupg2-0:2.2.20-4.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-4.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.ppc64le"
},
"product_reference": "gnupg2-0:2.2.20-4.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-4.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.s390x"
},
"product_reference": "gnupg2-0:2.2.20-4.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-4.el8_10.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.src"
},
"product_reference": "gnupg2-0:2.2.20-4.el8_10.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-4.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-4.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.aarch64"
},
"product_reference": "gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.s390x"
},
"product_reference": "gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T21:34:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0728"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:2563
Vulnerability from csaf_redhat - Published: 2026-02-11 14:34 - Updated: 2026-02-11 16:04Summary
Red Hat Security Advisory: Red Hat Update Infrastructure 5 security update
Notes
Topic
The latest release of Red Hat Update Infrastructure. For more details, see the product documentation.
Details
Red Hat Update Infrastructure (RHUI) container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images.
This release updates to the latest version.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The latest release of Red Hat Update Infrastructure. For more details, see the product documentation.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Update Infrastructure (RHUI) container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images.\nThis release updates to the latest version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2563",
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "external",
"summary": "https://access.redhat.com/products/red-hat-update-infrastructure",
"url": "https://access.redhat.com/products/red-hat-update-infrastructure"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-11187",
"url": "https://access.redhat.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12084",
"url": "https://access.redhat.com/security/cve/CVE-2025-12084"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13601",
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13836",
"url": "https://access.redhat.com/security/cve/CVE-2025-13836"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-14104",
"url": "https://access.redhat.com/security/cve/CVE-2025-14104"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15467",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15468",
"url": "https://access.redhat.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15469",
"url": "https://access.redhat.com/security/cve/CVE-2025-15469"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66199",
"url": "https://access.redhat.com/security/cve/CVE-2025-66199"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68160",
"url": "https://access.redhat.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69418",
"url": "https://access.redhat.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69419",
"url": "https://access.redhat.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69420",
"url": "https://access.redhat.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69421",
"url": "https://access.redhat.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9086",
"url": "https://access.redhat.com/security/cve/CVE-2025-9086"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22795",
"url": "https://access.redhat.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22796",
"url": "https://access.redhat.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_update_infrastructure/5",
"url": "https://docs.redhat.com/en/documentation/red_hat_update_infrastructure/5"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2563.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Update Infrastructure 5 security update",
"tracking": {
"current_release_date": "2026-02-11T16:04:45+00:00",
"generator": {
"date": "2026-02-11T16:04:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:2563",
"initial_release_date": "2026-02-11T14:34:45+00:00",
"revision_history": [
{
"date": "2026-02-11T14:34:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-11T14:34:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T16:04:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Update Infrastructure 5",
"product": {
"name": "Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhui:5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Update Infrastructure"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"product": {
"name": "registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"product_id": "registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cds-rhel9@sha256%3A83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe?arch=amd64\u0026repository_url=registry.redhat.io/rhui5\u0026tag=1770808689"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"product": {
"name": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"product_id": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/haproxy-rhel9@sha256%3A409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5?arch=amd64\u0026repository_url=registry.redhat.io/rhui5\u0026tag=1770807477"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"product": {
"name": "registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"product_id": "registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/installer-rhel9@sha256%3A48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f?arch=amd64\u0026repository_url=registry.redhat.io/rhui5\u0026tag=1770646925"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64",
"product": {
"name": "registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64",
"product_id": "registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhua-rhel9@sha256%3Adf709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8?arch=amd64\u0026repository_url=registry.redhat.io/rhui5\u0026tag=1770808765"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64"
},
"product_reference": "registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64"
},
"product_reference": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
},
"product_reference": "registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
},
"product_reference": "registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9086",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-12T06:01:02.244669+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2394750"
}
],
"notes": [
{
"category": "description",
"text": "1. A cookie is set using the `secure` keyword for `https://target` \n 2. curl is redirected to or otherwise made to speak with `http://target` (same \n hostname, but using clear text HTTP) using the same cookie set \n 3. The same cookie name is set - but with just a slash as path (`path=\\\"/\\\",`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: libcurl: Curl out of bounds read for cookie path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9086"
},
{
"category": "external",
"summary": "RHBZ#2394750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2025-9086.html",
"url": "https://curl.se/docs/CVE-2025-9086.html"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2025-9086.json",
"url": "https://curl.se/docs/CVE-2025-9086.json"
},
{
"category": "external",
"summary": "https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6",
"url": "https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3294999",
"url": "https://hackerone.com/reports/3294999"
}
],
"release_date": "2025-09-12T05:10:03.815000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: libcurl: Curl out of bounds read for cookie path"
},
{
"cve": "CVE-2025-11187",
"cwe": {
"id": "CWE-233",
"name": "Improper Handling of Parameters"
},
"discovery_date": "2026-01-16T14:21:50.559000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430375"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS#12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service (DoS) by crashing the application, and in some cases, may enable arbitrary code execution. The vulnerability arises from the lack of validation for PBKDF2 salt and keylength parameters within the PKCS#12 file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. It affects OpenSSL versions 3.6, 3.5, and 3.4, where improper validation of PBMAC1 parameters in PKCS#12 MAC verification can lead to a stack buffer overflow or NULL pointer dereference. Exploitation requires an application to process a maliciously crafted PKCS#12 file, which is uncommon as these files are typically trusted. OpenSSL versions 3.3, 3.0, 1.1.1, and 1.0.2 are not affected as they do not support PBMAC1 in PKCS#12.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "RHBZ#2430375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430375"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid processing untrusted PKCS#12 files. Applications should only handle PKCS#12 files from trusted sources, as these files are typically used for storing private keys and are expected to be secure.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file"
},
{
"cve": "CVE-2025-12084",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-03T19:01:03.489250+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418655"
}
],
"notes": [
{
"category": "description",
"text": "When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products as it can lead to a denial of service. The flaw exists in the `xml.dom.minidom` module of cpython, where a quadratic algorithm in methods like `appendChild()` can be triggered when processing excessively nested XML documents. When successfully exploited this may impact the availability of applications utilizing this functionality across affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12084"
},
{
"category": "external",
"summary": "RHBZ#2418655",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418655"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12084",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12084"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/142145",
"url": "https://github.com/python/cpython/issues/142145"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/142146",
"url": "https://github.com/python/cpython/pull/142146"
}
],
"release_date": "2025-12-03T18:55:32.222000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service"
},
{
"cve": "CVE-2025-13601",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-11-24T12:49:28.274000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416741"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glib: Integer overflow in in g_escape_uri_string()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
},
{
"category": "external",
"summary": "RHBZ#2416741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827",
"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914",
"url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914"
}
],
"release_date": "2025-11-24T13:00:15.295000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glib: Integer overflow in in g_escape_uri_string()"
},
{
"cve": "CVE-2025-13836",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-01T19:01:03.091899+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into memory, potentially causing memory allocations errors, swapping, out-of-memory conditions or even system freezes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Excessive read buffering DoS in http.client",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue can only be exploited by Python applications using the http.client.HTTPResponse.read function without the amount parameter, which specifies the read size in bytes. Note that Python libraries may use this function internally and make applications vulnerable. Additionally, vulnerable Python applications must connect to a malicious or compromised server that replies with a very large or crafted Content-Length header to trigger this issue, limiting the exposure of this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13836"
},
{
"category": "external",
"summary": "RHBZ#2418078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13836",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13836"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/119451",
"url": "https://github.com/python/cpython/issues/119451"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/119454",
"url": "https://github.com/python/cpython/pull/119454"
}
],
"release_date": "2025-12-01T18:02:38.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Since this vulnerability is triggered when no read amount is specified and the client defaults to using the potentially malicious Content-Length header, developers can mitigate this issue in their code by always imposing an explicit, safe limit on data reads.\n\nApplications using the http.client.HTTPResponse.read function directly can ensure that read operations specify a byte limit:\n\n~~~\n...\nmax_safe_read = 10 * 1024 * 1024\ndata = response.read(max_safe_read)\n...\n~~~",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Excessive read buffering DoS in http.client"
},
{
"cve": "CVE-2025-14104",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-12-05T14:16:36.004000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419369"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-14104"
},
{
"category": "external",
"summary": "RHBZ#2419369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-14104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-14104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14104"
}
],
"release_date": "2025-12-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
},
{
"cve": "CVE-2025-15468",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-01-16T14:21:51.062000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430377"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The NULL pointer dereference in the `SSL_CIPHER_find()` function, affecting OpenSSL versions 3.3, 3.4, 3.5, and 3.6, occurs only when applications utilizing the QUIC protocol uncommonly invoke this function from the `client_hello_cb` callback with an unknown cipher ID. This specific usage pattern and the resulting Denial of Service limit the overall impact in the Red Hat context.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "RHBZ#2430377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430377"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling"
},
{
"cve": "CVE-2025-15469",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-01-16T14:21:51.411000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The flaw affects the `openssl dgst` command-line tool when used with one-shot algorithms (such as Ed25519, Ed448, or ML-DSA) on files larger than 16MB. Impact is limited as it requires both signing and verification to be performed using the affected command, and verifiers using library APIs are not impacted.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15469"
},
{
"category": "external",
"summary": "RHBZ#2430378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid using the `openssl dgst` command with one-shot algorithms (such as Ed25519, Ed448, or ML-DSA) for files larger than 16MB. Instead, utilize streaming digest algorithms with `openssl dgst` or use library APIs for signing and verification, as these are not affected by the truncation vulnerability. Users should ensure that input files for one-shot signing/verification with `openssl dgst` do not exceed 16MB.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation"
},
{
"cve": "CVE-2025-66199",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-16T14:21:51.739000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. The flaw in OpenSSL 3.3, 3.4, 3.5, and 3.6 allows an attacker to cause excessive memory allocation during TLS 1.3 handshake with certificate compression, potentially leading to a Denial of Service. This affects both clients and servers in mutual TLS scenarios where certificate compression is negotiated. Servers not requesting client certificates are not vulnerable to client-initiated attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66199"
},
{
"category": "external",
"summary": "RHBZ#2430379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the reception of compressed certificates by setting the SSL_OP_NO_RX_CERTIFICATE_COMPRESSION option in OpenSSL configurations. This will prevent the vulnerable code path from being exercised.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-68160",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-16T14:21:52.088000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430380"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat. The `BIO_f_linebuffer` filter, where this heap out-of-bounds write occurs, is not used by default in TLS/SSL data paths within Red Hat products. Exploitation requires third-party applications to explicitly use this filter with a BIO chain that can short-write and process large, newline-free data influenced by an attacker, which is an unlikely scenario under attacker control. Red Hat FIPS modules are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68160"
},
{
"category": "external",
"summary": "RHBZ#2430380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430380"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
},
{
"cve": "CVE-2025-69418",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2026-01-16T14:21:52.438000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430381"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. In the Red Hat context, impact is limited because typical OpenSSL consumers using higher-level EVP APIs are not affected. The flaw only manifests when applications directly call low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in hardware-accelerated builds. Additionally, TLS does not use OCB ciphersuites, and FIPS modules are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69418"
},
{
"category": "external",
"summary": "RHBZ#2430381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls"
},
{
"cve": "CVE-2025-69419",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-01-16T14:21:52.793000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430386"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#12 (Personal Information Exchange Syntax Standard) file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8() function, leads to memory corruption by writing data beyond its allocated buffer. Successful exploitation could result in a denial of service or potentially allow for arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. An out-of-bounds write in OpenSSL\u0027s PKCS12_get_friendlyname() function can lead to denial of service or arbitrary code execution. Exploitation requires an application to parse a specially crafted malicious PKCS#12 file. Red Hat FIPS modules are not affected as the PKCS#12 implementation is outside the FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69419"
},
{
"category": "external",
"summary": "RHBZ#2430386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, Red Hat recommends avoiding the processing of PKCS#12 files from untrusted or unverified sources. Applications that use the `PKCS12_get_friendlyname()` API should ensure that PKCS#12 files are only processed if they originate from trusted entities. Restricting the input sources for PKCS#12 files can significantly reduce the attack surface for this flaw.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing"
},
{
"cve": "CVE-2025-69420",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-01-16T14:21:53.497000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. A type confusion flaw in the TimeStamp Response verification code can lead to a Denial of Service when processing a specially crafted TimeStamp Response. Exploitation requires an application to call `TS_RESP_verify_response()` with a malformed response, and the TimeStamp protocol (RFC 3161) is not widely used. Red Hat FIPS modules are not affected as the TimeStamp Response implementation is outside the FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69420"
},
{
"category": "external",
"summary": "RHBZ#2430388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response"
},
{
"cve": "CVE-2025-69421",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-01-16T14:21:53.845000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430387"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat because it requires an application to process a specially crafted, malformed PKCS#12 file, leading to a Denial of Service. The vulnerability is limited to a crash and cannot be escalated to achieve code execution or memory disclosure. Red Hat FIPS modules are not affected as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69421"
},
{
"category": "external",
"summary": "RHBZ#2430387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-22795",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-01-16T14:21:53.146000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430389"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. An application processing a maliciously crafted PKCS#12 file can be caused to dereference an invalid or NULL pointer, resulting in a Denial of Service. In the Red Hat context, impact is limited as PKCS#12 files are typically used for trusted private keys and are not commonly accepted from untrusted sources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22795"
},
{
"category": "external",
"summary": "RHBZ#2430389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430389"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing"
},
{
"cve": "CVE-2026-22796",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-01-16T14:43:21.598000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430390"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low for Red Hat products. A type confusion flaw in the legacy PKCS#7 API can lead to a Denial of Service when processing specially crafted PKCS#7 data. Exploitation requires an application to perform signature verification of malformed PKCS#7 data. Red Hat products utilizing the FIPS module are not affected as the PKCS#7 parsing is outside the module boundary.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22796"
},
{
"category": "external",
"summary": "RHBZ#2430390",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430390"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796"
}
],
"release_date": "2026-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T14:34:45+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2563"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:83e8b356eb4697a81ff8c6764dc976862800f4c78122a606173340a6e105a4fe_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:409a64405669fd11ad8700356243762a3507430f9bba4100bb92765d4482b7e5_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:48cf7cf48dfadb17f9357bf1894a5d0393551a893faa8b0ea0e11fe1ffed497f_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:df709663b581b740006c6ea4b297978932874eade1563c3952e0594e926aa5f8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification"
}
]
}
RHSA-2026:1517
Vulnerability from csaf_redhat - Published: 2026-01-28 22:40 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: RHACS 4.8.8 security and bug fix update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details
See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1517",
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66564",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68428",
"url": "https://access.redhat.com/security/cve/CVE-2025-68428"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22029",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-488_release-notes-48",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-488_release-notes-48"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1517.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.8.8 security and bug fix update",
"tracking": {
"current_release_date": "2026-02-11T15:13:24+00:00",
"generator": {
"date": "2026-02-11T15:13:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1517",
"initial_release_date": "2026-01-28T22:40:02+00:00",
"revision_history": [
{
"date": "2026-01-28T22:40:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-28T22:40:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security 4.8",
"product": {
"name": "Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Aca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Af23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Ab22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ad353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ac7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Aeb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Aeaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Affc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Acfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ab60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ad480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ac69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ae7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Adb0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Afe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Af5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ae292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Adeea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Aec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Af7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Af96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Adcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Acc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ad5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-66564",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:11.786030+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The Sigstore Timestamp Authority, a service for issuing RFC 3161 timestamps, is prone to excessive memory allocation. This occurs when processing untrusted OID payloads with many period characters or malformed Content-Type headers. An unauthenticated attacker could exploit this flaw to trigger a denial of service in affected Red Hat products that utilize this component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "RHBZ#2419054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421",
"url": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh",
"url": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh"
}
],
"release_date": "2025-12-04T22:37:13.307000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing"
},
{
"cve": "CVE-2025-68428",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2026-01-05T22:01:15.703824+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427236"
}
],
"notes": [
{
"category": "description",
"text": "jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Other affected methods are `addImage`, `html`, and `addFont`. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js` files. The vulnerability has been fixed in jsPDF@4.0.0. This version restricts file system access per default. This semver-major update does not introduce other breaking changes. Some workarounds areavailable. With recent node versions, jsPDF recommends using the `--permission` flag in production. The feature was introduced experimentally in v20.0.0 and is stable since v22.13.0/v23.5.0/v24.0.0. For older node versions, sanitize user-provided paths before passing them to jsPDF.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68428"
},
{
"category": "external",
"summary": "RHBZ#2427236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427236"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68428"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d",
"url": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2"
}
],
"release_date": "2026-01-05T21:43:55.169000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
},
{
"cve": "CVE-2026-22029",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-01-10T04:01:03.694749+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428412"
}
],
"notes": [
{
"category": "description",
"text": "React Router is a router for React. In @remix-run/router version prior to 1.23.2. and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect. There is no impact if Declarative Mode (\u003cBrowserRouter\u003e) is being used. This issue has been patched in @remix-run/router version 1.23.2 and react-router version 7.12.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "RHBZ#2428412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx",
"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx"
}
],
"release_date": "2026-01-10T02:42:32.736000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects"
}
]
}
RHSA-2026:1719
Vulnerability from csaf_redhat - Published: 2026-02-02 14:09 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1719",
"url": "https://access.redhat.com/errata/RHSA-2026:1719"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1719.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:29+00:00",
"generator": {
"date": "2026-02-11T15:13:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1719",
"initial_release_date": "2026-02-02T14:09:38+00:00",
"revision_history": [
{
"date": "2026-02-02T14:09:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T14:09:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.0::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_0.1.src",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.src",
"product_id": "gnupg2-0:2.3.3-2.el9_0.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_0.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"product_id": "gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_0.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"product_id": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_0.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"product_id": "gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_0.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_0.1.s390x",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.s390x",
"product_id": "gnupg2-0:2.3.3-2.el9_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_0.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.src",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T14:09:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1719"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1230
Vulnerability from csaf_redhat - Published: 2026-01-26 16:16 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1230",
"url": "https://access.redhat.com/errata/RHSA-2026:1230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1230.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:21+00:00",
"generator": {
"date": "2026-02-11T15:13:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1230",
"initial_release_date": "2026-01-26T16:16:34+00:00",
"revision_history": [
{
"date": "2026-01-26T16:16:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-26T16:16:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_4.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_4.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_4.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_4.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"product_id": "gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_4.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_4.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_4.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_4.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_4.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"product_id": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_4.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"product_id": "gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_4.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_4.1.s390x",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.s390x",
"product_id": "gnupg2-0:2.3.3-4.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_4.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_4.1.src",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.src",
"product_id": "gnupg2-0:2.3.3-4.el9_4.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_4.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.src",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64"
],
"known_not_affected": [
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-26T16:16:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1230"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:0935
Vulnerability from csaf_redhat - Published: 2026-01-21 19:09 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0935",
"url": "https://access.redhat.com/errata/RHSA-2026:0935"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0935.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:16+00:00",
"generator": {
"date": "2026-02-11T15:13:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:0935",
"initial_release_date": "2026-01-21T19:09:27+00:00",
"revision_history": [
{
"date": "2026-01-21T19:09:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-21T19:09:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.8::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:8.8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_8.1.src",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.src",
"product_id": "gnupg2-0:2.2.20-3.el8_8.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_8.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"product_id": "gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_8.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"product_id": "gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_8.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.ppc64le"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.src"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_8.1.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.src as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.src"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_8.1.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64"
],
"known_not_affected": [
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-21T19:09:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0935"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1652
Vulnerability from csaf_redhat - Published: 2026-02-02 02:51 - Updated: 2026-02-11 16:04Summary
Red Hat Security Advisory: Red Hat Ceph Storage
Notes
Topic
A new version of Red Hat build of Ceph Storage has been released
Details
The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1.
This release updates to the latest version.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new version of Red Hat build of Ceph Storage has been released",
"title": "Topic"
},
{
"category": "general",
"text": "The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1.\nThis release updates to the latest version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1652",
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-5642",
"url": "https://access.redhat.com/security/cve/CVE-2024-5642"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13601",
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-45582",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4598",
"url": "https://access.redhat.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6069",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6075",
"url": "https://access.redhat.com/security/cve/CVE-2025-6075"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61984",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61985",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8291",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/",
"url": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1652.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage",
"tracking": {
"current_release_date": "2026-02-11T16:04:29+00:00",
"generator": {
"date": "2026-02-11T16:04:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1652",
"initial_release_date": "2026-02-02T02:51:27+00:00",
"revision_history": [
{
"date": "2026-02-02T02:51:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T02:51:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T16:04:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ceph Storage 8",
"product": {
"name": "Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:8::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768915405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768907469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768902743"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3A9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512383"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903749"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Aab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768915405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3Aa5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768907469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768902743"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3Ac1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512383"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903749"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768915405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768907469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Aa45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768902743"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3A09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512383"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903749"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ab52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768915405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3Af8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768907469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Afa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Ab97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768902743"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3A97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512383"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903749"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-5642",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2294682"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python/CPython that does not disallow configuring an empty list (\"[]\") for SSLContext.set_npn_protocols(), which is an invalid value for the underlying OpenSSL API. This issue results in a buffer over-read when NPN is used. See CVE -2024-5535 for OpenSSL for more information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated with a Low severity due to NPN not being widely used and specifying an empty list is likely uncommon in practice. Typically, a protocol name would be configured.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-5642"
},
{
"category": "external",
"summary": "RHBZ#2294682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5642"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/"
}
],
"release_date": "2024-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used"
},
{
"cve": "CVE-2025-4598",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2025-05-29T19:04:54.578000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369242"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was rated as having a severity of Moderate due to the complexity to exploit this flaw. The attacker needs to setup a way to win the race condition and have an unprivileged local account to successfully exploit this vulnerability.\n\nBy default Red Hat Enterprise Linux 8 doesn\u0027t allow systemd-coredump to create dumps of SUID programs as the /proc/sys/fs/suid_dumpable is set to 0, disabling by default this capability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "RHBZ#2369242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4598",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4598"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/29/3",
"url": "https://www.openwall.com/lists/oss-security/2025/05/29/3"
}
],
"release_date": "2025-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "This issue can be mitigated by disabling the capability of the system to generate a coredump for SUID binaries. The perform that, the following command can be ran as `root` user:\n\n~~~\necho 0 \u003e /proc/sys/fs/suid_dumpable\n~~~\n\nWhile this mitigates this vulnerability while it\u0027s not possible to update the systemd package, it disables the capability of analyzing crashes for such binaries.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump"
},
{
"cve": "CVE-2025-6069",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2025-06-17T14:00:45.339399+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373234"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service (DoS) vulnerability has been discovered in Python\u0027s html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Python HTMLParser quadratic complexity",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "RHBZ#2373234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949",
"url": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41",
"url": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b",
"url": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135462",
"url": "https://github.com/python/cpython/issues/135462"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135464",
"url": "https://github.com/python/cpython/pull/135464"
}
],
"release_date": "2025-06-17T13:39:46.058000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Python HTMLParser quadratic complexity"
},
{
"cve": "CVE-2025-6075",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-31T17:01:47.052517+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2408891"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in Python\u2019s os.path.expandvars() function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denial of service (DoS) conditions. No code execution or data exposure occurs, so the impact is limited to performance slowdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Quadratic complexity in os.path.expandvars() with user-controlled template",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low rather than Moderate because it only causes a performance inefficiency without affecting code execution, data integrity, or confidentiality. The flaw lies in the algorithmic complexity of os.path.expandvars(), which can become quadratic when processing crafted input containing repetitive or nested environment variable references. Exploitation requires the attacker to control the input string passed to this function, which is uncommon in secure applications. Moreover, the impact is limited to increased CPU utilization and potential slowdown, not system compromise or data manipulation. Since the issue does not introduce memory corruption, privilege escalation, or information disclosure risks, its overall impact scope and exploitability are minimal, justifying a Low severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6075"
},
{
"category": "external",
"summary": "RHBZ#2408891",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408891"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6075",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6075"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/136065",
"url": "https://github.com/python/cpython/issues/136065"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/"
}
],
"release_date": "2025-10-31T16:41:34.983000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python: Quadratic complexity in os.path.expandvars() with user-controlled template"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8291",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2025-10-07T19:01:23.599055+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402342"
}
],
"notes": [
{
"category": "description",
"text": "The \u0027zipfile\u0027 module would not check the validity of the ZIP64 End of\nCentral Directory (EOCD) Locator record offset value would not be used to\nlocate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be\nassumed to be the previous record in the ZIP archive. This could be abused\nto create ZIP archives that are handled differently by the \u0027zipfile\u0027 module\ncompared to other ZIP implementations.\n\n\nRemediation maintains this behavior, but checks that the offset specified\nin the ZIP64 EOCD Locator record matches the expected value.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "RHBZ#2402342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267",
"url": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6",
"url": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/139700",
"url": "https://github.com/python/cpython/issues/139700"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/139702",
"url": "https://github.com/python/cpython/pull/139702"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/"
}
],
"release_date": "2025-10-07T18:10:05.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"cve": "CVE-2025-13601",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-11-24T12:49:28.274000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416741"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glib: Integer overflow in in g_escape_uri_string()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
},
{
"category": "external",
"summary": "RHBZ#2416741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827",
"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914",
"url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914"
}
],
"release_date": "2025-11-24T13:00:15.295000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glib: Integer overflow in in g_escape_uri_string()"
},
{
"cve": "CVE-2025-45582",
"cwe": {
"id": "CWE-24",
"name": "Path Traversal: \u0027../filedir\u0027"
},
"discovery_date": "2025-07-11T17:00:47.340822+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379592"
}
],
"notes": [
{
"category": "description",
"text": "A relative path traversal flaw was found in the gnu tar utility. When archives with relative paths are extracted without the \u2018--keep-old-files\u2019 (\u2018-k\u2019), the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to the operation of some service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tar: Tar path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "RHBZ#2379592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379592"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md",
"url": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/",
"url": "https://www.gnu.org/software/tar/"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity",
"url": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity"
}
],
"release_date": "2025-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tar: Tar path traversal"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-61984",
"cwe": {
"id": "CWE-159",
"name": "Improper Handling of Invalid Use of Special Elements"
},
"discovery_date": "2025-10-06T19:01:13.449665+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401960"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because it is a critical component used across many Red Hat products.\nThe issue occurs only when a ProxyCommand is configured and the SSH client handles a username containing control characters from an untrusted source, such as script-generated input or expanded configuration values.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "RHBZ#2401960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-61985",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2025-10-06T19:01:16.841946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401962"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows the \u0027\\0\u0027 character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because it is a critical component used across many Red Hat products.\nExploiting this vulnerability would require a specific configuration where ProxyCommand is enabled and the SSH client processes an untrusted ssh:// URI containing null bytes. Under these conditions, the command parser may misinterpret the URI and execute unintended shell commands.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "RHBZ#2401962",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401962"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
}
]
}
RHSA-2026:0974
Vulnerability from csaf_redhat - Published: 2026-01-22 06:57 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0974",
"url": "https://access.redhat.com/errata/RHSA-2026:0974"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0974.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:17+00:00",
"generator": {
"date": "2026-02-11T15:13:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:0974",
"initial_release_date": "2026-01-22T06:57:36+00:00",
"revision_history": [
{
"date": "2026-01-22T06:57:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-22T06:57:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.6::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.6::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:8.6::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_6.1.src",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.src",
"product_id": "gnupg2-0:2.2.20-3.el8_6.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_6.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"product_id": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_6.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"product_id": "gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_6.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"product_id": "gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_6.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_6.1.s390x",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.s390x",
"product_id": "gnupg2-0:2.2.20-3.el8_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_6.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.src as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.src"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.aarch64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.ppc64le"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.s390x"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.src"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.src as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.src"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64"
],
"known_not_affected": [
"BaseOS-8.6.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T06:57:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0974"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1229
Vulnerability from csaf_redhat - Published: 2026-01-26 16:26 - Updated: 2026-02-11 15:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1229",
"url": "https://access.redhat.com/errata/RHSA-2026:1229"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1229.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-11T15:13:21+00:00",
"generator": {
"date": "2026-02-11T15:13:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1229",
"initial_release_date": "2026-01-26T16:26:39+00:00",
"revision_history": [
{
"date": "2026-01-26T16:26:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-26T16:26:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-11T15:13:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.6::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"product_id": "gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_6.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"product_id": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_6.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"product_id": "gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_6.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_6.1.s390x",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.s390x",
"product_id": "gnupg2-0:2.3.3-4.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_6.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_6.1.src",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.src",
"product_id": "gnupg2-0:2.3.3-4.el9_6.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_6.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.src",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64"
],
"known_not_affected": [
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-26T16:26:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1229"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
CERTFR-2026-AVI-0112
Vulnerability from certfr_avis - Published: 2026-02-02 - Updated: 2026-02-02
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.1.7 | ||
| VMware | Tanzu Kubernetes Grid Integrated Edition | Tanzu Kubernetes Grid Integrated Edition (TKGi) - Mgmt Console versions antérieures à 1.24.0 | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.2.7+LTS-T | ||
| VMware | N/A | NodeJS Buildpack versions antérieures à 1.8.74 | ||
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.2.3 | ||
| VMware | Tanzu Platform | Telemetry pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | N/A | Platform Automation Toolkit versions antérieures à 5.4.0 | ||
| VMware | N/A | VMware Harbor Registry versions antérieures à 2.14.0 | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.3.4 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.1.7",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Kubernetes Grid Integrated Edition (TKGi) - Mgmt Console versions ant\u00e9rieures \u00e0 1.24.0",
"product": {
"name": "Tanzu Kubernetes Grid Integrated Edition",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.7+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.74",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.3",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Harbor Registry versions ant\u00e9rieures \u00e0 2.14.0",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2025-14087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14087"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-28164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-28164"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2026-24882",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24882"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2025-55198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55198"
},
{
"name": "CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"name": "CVE-2026-1485",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1485"
},
{
"name": "CVE-2022-49390",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49390"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2025-14512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14512"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2023-34231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34231"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2025-64718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64718"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2025-65637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65637"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-10966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"name": "CVE-2025-64505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64505"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"name": "CVE-2025-28162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-28162"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-64506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64506"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-3360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3360"
},
{
"name": "CVE-2025-64720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-14762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14762"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2025-65018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2026-24842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-55199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55199"
},
{
"name": "CVE-2025-61594",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61594"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2025-11414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11414"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"name": "CVE-2026-24883",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24883"
},
{
"name": "CVE-2025-39964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39964"
},
{
"name": "CVE-2025-39993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39993"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2025-6966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6966"
},
{
"name": "CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"name": "CVE-2025-8959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8959"
},
{
"name": "CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"name": "CVE-2025-40018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40018"
},
{
"name": "CVE-2024-53218",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53218"
},
{
"name": "CVE-2025-67499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67499"
},
{
"name": "CVE-2025-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-11413",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11413"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-7339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
},
{
"name": "CVE-2024-53090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53090"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-23419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23419"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2025-11412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11412"
},
{
"name": "CVE-2026-1484",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1484"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2024-50067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50067"
},
{
"name": "CVE-2024-47220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47220"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2026-1489",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1489"
},
{
"name": "CVE-2026-24881",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24881"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2025-6442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6442"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"name": "CVE-2025-11494",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11494"
},
{
"name": "CVE-2024-47691",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47691"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
}
],
"initial_release_date": "2026-02-02T00:00:00",
"last_revision_date": "2026-02-02T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0112",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36902",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36902"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36908",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36908"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36897",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36897"
},
{
"published_at": "2026-02-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36912",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36912"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36904",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36904"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36900",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36900"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36903",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36903"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36909",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36909"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36899",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36899"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36906",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36906"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36907",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36907"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36901",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36901"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36905",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36905"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36898",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36898"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36910",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36910"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36911",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36911"
}
]
}
SUSE-SU-2026:0215-1
Vulnerability from csaf_suse - Published: 2026-01-22 12:10 - Updated: 2026-01-22 12:10Summary
Security update for gpg2
Notes
Title of the patch
Security update for gpg2
Description of the patch
This update for gpg2 fixes the following issues:
- CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy)(bsc#1255715).
- Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1) (bsc#1256246).
- Error out on unverified output for non-detached signatures (gpg.fail/detached) (bsc#1256244).
- Fix a memory leak in gpg2 agent (bsc#1256243).
- Fix Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (gpg.fail/notdash) (bsc#1256390).
Patchnames
SUSE-2026-215,SUSE-SLE-Module-Basesystem-15-SP7-2026-215,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-215,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-215,openSUSE-SLE-15.6-2026-215
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gpg2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gpg2 fixes the following issues:\n\n- CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy)(bsc#1255715).\n- Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1) (bsc#1256246).\n- Error out on unverified output for non-detached signatures (gpg.fail/detached) (bsc#1256244).\n- Fix a memory leak in gpg2 agent (bsc#1256243).\n- Fix Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (gpg.fail/notdash) (bsc#1256390).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-215,SUSE-SLE-Module-Basesystem-15-SP7-2026-215,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-215,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-215,openSUSE-SLE-15.6-2026-215",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0215-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0215-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260215-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0215-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023870.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255715",
"url": "https://bugzilla.suse.com/1255715"
},
{
"category": "self",
"summary": "SUSE Bug 1256243",
"url": "https://bugzilla.suse.com/1256243"
},
{
"category": "self",
"summary": "SUSE Bug 1256244",
"url": "https://bugzilla.suse.com/1256244"
},
{
"category": "self",
"summary": "SUSE Bug 1256246",
"url": "https://bugzilla.suse.com/1256246"
},
{
"category": "self",
"summary": "SUSE Bug 1256390",
"url": "https://bugzilla.suse.com/1256390"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "Security update for gpg2",
"tracking": {
"current_release_date": "2026-01-22T12:10:17Z",
"generator": {
"date": "2026-01-22T12:10:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0215-1",
"initial_release_date": "2026-01-22T12:10:17Z",
"revision_history": [
{
"date": "2026-01-22T12:10:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.4.4-150600.3.12.1.aarch64",
"product": {
"name": "dirmngr-2.4.4-150600.3.12.1.aarch64",
"product_id": "dirmngr-2.4.4-150600.3.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-2.4.4-150600.3.12.1.aarch64",
"product": {
"name": "gpg2-2.4.4-150600.3.12.1.aarch64",
"product_id": "gpg2-2.4.4-150600.3.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"product": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"product_id": "gpg2-tpm-2.4.4-150600.3.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.4.4-150600.3.12.1.i586",
"product": {
"name": "dirmngr-2.4.4-150600.3.12.1.i586",
"product_id": "dirmngr-2.4.4-150600.3.12.1.i586"
}
},
{
"category": "product_version",
"name": "gpg2-2.4.4-150600.3.12.1.i586",
"product": {
"name": "gpg2-2.4.4-150600.3.12.1.i586",
"product_id": "gpg2-2.4.4-150600.3.12.1.i586"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.4.4-150600.3.12.1.i586",
"product": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.i586",
"product_id": "gpg2-tpm-2.4.4-150600.3.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"product": {
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"product_id": "gpg2-lang-2.4.4-150600.3.12.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"product": {
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"product_id": "dirmngr-2.4.4-150600.3.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"product": {
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"product_id": "gpg2-2.4.4-150600.3.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"product": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"product_id": "gpg2-tpm-2.4.4-150600.3.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.4.4-150600.3.12.1.s390x",
"product": {
"name": "dirmngr-2.4.4-150600.3.12.1.s390x",
"product_id": "dirmngr-2.4.4-150600.3.12.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-2.4.4-150600.3.12.1.s390x",
"product": {
"name": "gpg2-2.4.4-150600.3.12.1.s390x",
"product_id": "gpg2-2.4.4-150600.3.12.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"product": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"product_id": "gpg2-tpm-2.4.4-150600.3.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"product": {
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"product_id": "dirmngr-2.4.4-150600.3.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-2.4.4-150600.3.12.1.x86_64",
"product": {
"name": "gpg2-2.4.4-150600.3.12.1.x86_64",
"product_id": "gpg2-2.4.4-150600.3.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.4.4-150600.3.12.1.x86_64",
"product": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.x86_64",
"product_id": "gpg2-tpm-2.4.4-150600.3.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-lang-2.4.4-150600.3.12.1.noarch"
},
"product_reference": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-lang-2.4.4-150600.3.12.1.noarch"
},
"product_reference": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-lang-2.4.4-150600.3.12.1.noarch"
},
"product_reference": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-lang-2.4.4-150600.3.12.1.noarch"
},
"product_reference": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "gpg2-tpm-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-22T12:10:17Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
SUSE-SU-2026:20108-1
Vulnerability from csaf_suse - Published: 2026-01-14 10:23 - Updated: 2026-01-14 10:23Summary
Security update for gpg2
Notes
Title of the patch
Security update for gpg2
Description of the patch
This update for gpg2 fixes the following issues:
- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).
Other security fixes:
- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).
- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).
- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).
Patchnames
SUSE-SL-Micro-6.2-138
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gpg2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gpg2 fixes the following issues:\n\n- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).\n\nOther security fixes:\n\n- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).\n- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).\n- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-138",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20108-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20108-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620108-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20108-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023880.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255715",
"url": "https://bugzilla.suse.com/1255715"
},
{
"category": "self",
"summary": "SUSE Bug 1256244",
"url": "https://bugzilla.suse.com/1256244"
},
{
"category": "self",
"summary": "SUSE Bug 1256246",
"url": "https://bugzilla.suse.com/1256246"
},
{
"category": "self",
"summary": "SUSE Bug 1256390",
"url": "https://bugzilla.suse.com/1256390"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "Security update for gpg2",
"tracking": {
"current_release_date": "2026-01-14T10:23:37Z",
"generator": {
"date": "2026-01-14T10:23:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20108-1",
"initial_release_date": "2026-01-14T10:23:37Z",
"revision_history": [
{
"date": "2026-01-14T10:23:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product_id": "gpg2-2.5.5-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product_id": "gpg2-2.5.5-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product": {
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product_id": "gpg2-2.5.5-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product_id": "gpg2-2.5.5-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-14T10:23:37Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
SUSE-SU-2026:0214-1
Vulnerability from csaf_suse - Published: 2026-01-22 12:09 - Updated: 2026-01-22 12:09Summary
Security update for gpg2
Notes
Title of the patch
Security update for gpg2
Description of the patch
This update for gpg2 fixes the following issues:
- CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy)(bsc#1255715).
- Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1) (bsc#1256246).
- Error out on unverified output for non-detached signatures (gpg.fail/detached) (bsc#1256244).
- Fix Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (gpg.fail/notdash) (bsc#1256390).
Patchnames
SUSE-2026-214,SUSE-SLE-Micro-5.3-2026-214,SUSE-SLE-Micro-5.4-2026-214,SUSE-SLE-Micro-5.5-2026-214,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-214,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-214,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-214,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-214,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-214,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-214,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-214,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-214,SUSE-SUSE-MicroOS-5.2-2026-214
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gpg2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gpg2 fixes the following issues:\n\n- CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy)(bsc#1255715).\n- Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1) (bsc#1256246).\n- Error out on unverified output for non-detached signatures (gpg.fail/detached) (bsc#1256244).\n- Fix Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (gpg.fail/notdash) (bsc#1256390).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-214,SUSE-SLE-Micro-5.3-2026-214,SUSE-SLE-Micro-5.4-2026-214,SUSE-SLE-Micro-5.5-2026-214,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-214,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-214,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-214,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-214,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-214,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-214,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-214,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-214,SUSE-SUSE-MicroOS-5.2-2026-214",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0214-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0214-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260214-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0214-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023871.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255715",
"url": "https://bugzilla.suse.com/1255715"
},
{
"category": "self",
"summary": "SUSE Bug 1256244",
"url": "https://bugzilla.suse.com/1256244"
},
{
"category": "self",
"summary": "SUSE Bug 1256246",
"url": "https://bugzilla.suse.com/1256246"
},
{
"category": "self",
"summary": "SUSE Bug 1256390",
"url": "https://bugzilla.suse.com/1256390"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "Security update for gpg2",
"tracking": {
"current_release_date": "2026-01-22T12:09:32Z",
"generator": {
"date": "2026-01-22T12:09:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0214-1",
"initial_release_date": "2026-01-22T12:09:32Z",
"revision_history": [
{
"date": "2026-01-22T12:09:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"product": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"product_id": "dirmngr-2.2.27-150300.3.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-2.2.27-150300.3.16.1.aarch64",
"product": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64",
"product_id": "gpg2-2.2.27-150300.3.16.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.2.27-150300.3.16.1.i586",
"product": {
"name": "dirmngr-2.2.27-150300.3.16.1.i586",
"product_id": "dirmngr-2.2.27-150300.3.16.1.i586"
}
},
{
"category": "product_version",
"name": "gpg2-2.2.27-150300.3.16.1.i586",
"product": {
"name": "gpg2-2.2.27-150300.3.16.1.i586",
"product_id": "gpg2-2.2.27-150300.3.16.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"product": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"product_id": "gpg2-lang-2.2.27-150300.3.16.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"product": {
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"product_id": "dirmngr-2.2.27-150300.3.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"product": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"product_id": "gpg2-2.2.27-150300.3.16.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.2.27-150300.3.16.1.s390x",
"product": {
"name": "dirmngr-2.2.27-150300.3.16.1.s390x",
"product_id": "dirmngr-2.2.27-150300.3.16.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-2.2.27-150300.3.16.1.s390x",
"product": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x",
"product_id": "gpg2-2.2.27-150300.3.16.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"product": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"product_id": "dirmngr-2.2.27-150300.3.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-2.2.27-150300.3.16.1.x86_64",
"product": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64",
"product_id": "gpg2-2.2.27-150300.3.16.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-lang-2.2.27-150300.3.16.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-lang-2.2.27-150300.3.16.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-lang-2.2.27-150300.3.16.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-22T12:09:32Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
SUSE-SU-2026:20080-1
Vulnerability from csaf_suse - Published: 2026-01-14 10:23 - Updated: 2026-01-14 10:23Summary
Security update for gpg2
Notes
Title of the patch
Security update for gpg2
Description of the patch
This update for gpg2 fixes the following issues:
- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).
Other security fixes:
- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).
- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).
- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).
Patchnames
SUSE-SLES-16.0-138
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gpg2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gpg2 fixes the following issues:\n\n- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).\n\nOther security fixes:\n\n- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).\n- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).\n- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-138",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20080-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20080-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620080-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20080-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023818.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255715",
"url": "https://bugzilla.suse.com/1255715"
},
{
"category": "self",
"summary": "SUSE Bug 1256244",
"url": "https://bugzilla.suse.com/1256244"
},
{
"category": "self",
"summary": "SUSE Bug 1256246",
"url": "https://bugzilla.suse.com/1256246"
},
{
"category": "self",
"summary": "SUSE Bug 1256390",
"url": "https://bugzilla.suse.com/1256390"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "Security update for gpg2",
"tracking": {
"current_release_date": "2026-01-14T10:23:37Z",
"generator": {
"date": "2026-01-14T10:23:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20080-1",
"initial_release_date": "2026-01-14T10:23:37Z",
"revision_history": [
{
"date": "2026-01-14T10:23:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.aarch64",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.aarch64",
"product_id": "dirmngr-2.5.5-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product_id": "gpg2-2.5.5-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-lang-2.5.5-160000.3.1.noarch",
"product": {
"name": "gpg2-lang-2.5.5-160000.3.1.noarch",
"product_id": "gpg2-lang-2.5.5-160000.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.ppc64le",
"product_id": "dirmngr-2.5.5-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product_id": "gpg2-2.5.5-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.s390x",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.s390x",
"product_id": "dirmngr-2.5.5-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product": {
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product_id": "gpg2-2.5.5-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.x86_64",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.x86_64",
"product_id": "dirmngr-2.5.5-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product_id": "gpg2-2.5.5-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.aarch64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.s390x"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.x86_64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.5-160000.3.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-lang-2.5.5-160000.3.1.noarch"
},
"product_reference": "gpg2-lang-2.5.5-160000.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.aarch64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.s390x"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.x86_64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.5-160000.3.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-lang-2.5.5-160000.3.1.noarch"
},
"product_reference": "gpg2-lang-2.5.5-160000.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-14T10:23:37Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
GHSA-PJ23-86WW-F72P
Vulnerability from github – Published: 2025-12-28 18:30 – Updated: 2026-01-14 21:34
VLAI?
Details
In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input.
Severity ?
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2025-68973"
],
"database_specific": {
"cwe_ids": [
"CWE-675",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-28T17:16:01Z",
"severity": "HIGH"
},
"details": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input.",
"id": "GHSA-pj23-86ww-f72p",
"modified": "2026-01-14T21:34:04Z",
"published": "2025-12-28T18:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"type": "WEB",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"type": "WEB",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"type": "WEB",
"url": "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51"
},
{
"type": "WEB",
"url": "https://gpg.fail/memcpy"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html"
},
{
"type": "WEB",
"url": "https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i"
},
{
"type": "WEB",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"type": "WEB",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/12/29/11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2025-68973
Vulnerability from fkie_nvd - Published: 2025-12-28 17:16 - Updated: 2026-01-14 19:16
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306 | Product | |
| cve@mitre.org | https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9 | Patch | |
| cve@mitre.org | https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51 | Patch | |
| cve@mitre.org | https://gpg.fail/memcpy | Broken Link | |
| cve@mitre.org | https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i | Issue Tracking | |
| cve@mitre.org | https://news.ycombinator.com/item?id=46403200 | Issue Tracking | |
| cve@mitre.org | https://www.openwall.com/lists/oss-security/2025/12/28/5 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/12/29/11 | Mailing List, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html | ||
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://gpg.fail/memcpy | Broken Link |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnupg:gnupg:*:*:*:*:-:*:*:*",
"matchCriteriaId": "8D4239B3-0B8A-4E14-9E33-DD52A3F8FF25",
"versionEndIncluding": "2.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)"
}
],
"id": "CVE-2025-68973",
"lastModified": "2026-01-14T19:16:46.857",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 5.8,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-12-28T17:16:01.500",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://gpg.fail/memcpy"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2025/12/29/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Broken Link"
],
"url": "https://gpg.fail/memcpy"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-675"
}
],
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
OPENSUSE-SU-2026:10001-1
Vulnerability from csaf_opensuse - Published: 2026-01-01 00:00 - Updated: 2026-01-01 00:00Summary
dirmngr-2.5.16-1.1 on GA media
Notes
Title of the patch
dirmngr-2.5.16-1.1 on GA media
Description of the patch
These are all security issues fixed in the dirmngr-2.5.16-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2026-10001
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "dirmngr-2.5.16-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the dirmngr-2.5.16-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10001",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10001-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "dirmngr-2.5.16-1.1 on GA media",
"tracking": {
"current_release_date": "2026-01-01T00:00:00Z",
"generator": {
"date": "2026-01-01T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10001-1",
"initial_release_date": "2026-01-01T00:00:00Z",
"revision_history": [
{
"date": "2026-01-01T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.16-1.1.aarch64",
"product": {
"name": "dirmngr-2.5.16-1.1.aarch64",
"product_id": "dirmngr-2.5.16-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.16-1.1.aarch64",
"product": {
"name": "gpg2-2.5.16-1.1.aarch64",
"product_id": "gpg2-2.5.16-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.5.16-1.1.aarch64",
"product": {
"name": "gpg2-lang-2.5.16-1.1.aarch64",
"product_id": "gpg2-lang-2.5.16-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.16-1.1.aarch64",
"product": {
"name": "gpg2-tpm-2.5.16-1.1.aarch64",
"product_id": "gpg2-tpm-2.5.16-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.16-1.1.ppc64le",
"product": {
"name": "dirmngr-2.5.16-1.1.ppc64le",
"product_id": "dirmngr-2.5.16-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.16-1.1.ppc64le",
"product": {
"name": "gpg2-2.5.16-1.1.ppc64le",
"product_id": "gpg2-2.5.16-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.5.16-1.1.ppc64le",
"product": {
"name": "gpg2-lang-2.5.16-1.1.ppc64le",
"product_id": "gpg2-lang-2.5.16-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.16-1.1.ppc64le",
"product": {
"name": "gpg2-tpm-2.5.16-1.1.ppc64le",
"product_id": "gpg2-tpm-2.5.16-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.16-1.1.s390x",
"product": {
"name": "dirmngr-2.5.16-1.1.s390x",
"product_id": "dirmngr-2.5.16-1.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.16-1.1.s390x",
"product": {
"name": "gpg2-2.5.16-1.1.s390x",
"product_id": "gpg2-2.5.16-1.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.5.16-1.1.s390x",
"product": {
"name": "gpg2-lang-2.5.16-1.1.s390x",
"product_id": "gpg2-lang-2.5.16-1.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.16-1.1.s390x",
"product": {
"name": "gpg2-tpm-2.5.16-1.1.s390x",
"product_id": "gpg2-tpm-2.5.16-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.16-1.1.x86_64",
"product": {
"name": "dirmngr-2.5.16-1.1.x86_64",
"product_id": "dirmngr-2.5.16-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.16-1.1.x86_64",
"product": {
"name": "gpg2-2.5.16-1.1.x86_64",
"product_id": "gpg2-2.5.16-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.5.16-1.1.x86_64",
"product": {
"name": "gpg2-lang-2.5.16-1.1.x86_64",
"product_id": "gpg2-lang-2.5.16-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.16-1.1.x86_64",
"product": {
"name": "gpg2-tpm-2.5.16-1.1.x86_64",
"product_id": "gpg2-tpm-2.5.16-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.16-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dirmngr-2.5.16-1.1.aarch64"
},
"product_reference": "dirmngr-2.5.16-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.16-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dirmngr-2.5.16-1.1.ppc64le"
},
"product_reference": "dirmngr-2.5.16-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.16-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dirmngr-2.5.16-1.1.s390x"
},
"product_reference": "dirmngr-2.5.16-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.16-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dirmngr-2.5.16-1.1.x86_64"
},
"product_reference": "dirmngr-2.5.16-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.16-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.5.16-1.1.aarch64"
},
"product_reference": "gpg2-2.5.16-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.16-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.5.16-1.1.ppc64le"
},
"product_reference": "gpg2-2.5.16-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.16-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.5.16-1.1.s390x"
},
"product_reference": "gpg2-2.5.16-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.16-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.5.16-1.1.x86_64"
},
"product_reference": "gpg2-2.5.16-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.16-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.aarch64"
},
"product_reference": "gpg2-lang-2.5.16-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.16-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.ppc64le"
},
"product_reference": "gpg2-lang-2.5.16-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.16-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.s390x"
},
"product_reference": "gpg2-lang-2.5.16-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.16-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.x86_64"
},
"product_reference": "gpg2-lang-2.5.16-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.16-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.aarch64"
},
"product_reference": "gpg2-tpm-2.5.16-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.16-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.ppc64le"
},
"product_reference": "gpg2-tpm-2.5.16-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.16-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.s390x"
},
"product_reference": "gpg2-tpm-2.5.16-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.16-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.x86_64"
},
"product_reference": "gpg2-tpm-2.5.16-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-01T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
OPENSUSE-SU-2026:20029-1
Vulnerability from csaf_opensuse - Published: 2026-01-14 10:23 - Updated: 2026-01-14 10:23Summary
Security update for gpg2
Notes
Title of the patch
Security update for gpg2
Description of the patch
This update for gpg2 fixes the following issues:
- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).
Other security fixes:
- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).
- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).
- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).
Patchnames
openSUSE-Leap-16.0-138
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gpg2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gpg2 fixes the following issues:\n\n- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).\n\nOther security fixes:\n\n- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).\n- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).\n- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-138",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20029-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1255715",
"url": "https://bugzilla.suse.com/1255715"
},
{
"category": "self",
"summary": "SUSE Bug 1256244",
"url": "https://bugzilla.suse.com/1256244"
},
{
"category": "self",
"summary": "SUSE Bug 1256246",
"url": "https://bugzilla.suse.com/1256246"
},
{
"category": "self",
"summary": "SUSE Bug 1256390",
"url": "https://bugzilla.suse.com/1256390"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "Security update for gpg2",
"tracking": {
"current_release_date": "2026-01-14T10:23:16Z",
"generator": {
"date": "2026-01-14T10:23:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20029-1",
"initial_release_date": "2026-01-14T10:23:16Z",
"revision_history": [
{
"date": "2026-01-14T10:23:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.aarch64",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.aarch64",
"product_id": "dirmngr-2.5.5-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product_id": "gpg2-2.5.5-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-lang-2.5.5-160000.3.1.noarch",
"product": {
"name": "gpg2-lang-2.5.5-160000.3.1.noarch",
"product_id": "gpg2-lang-2.5.5-160000.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.ppc64le",
"product_id": "dirmngr-2.5.5-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product_id": "gpg2-2.5.5-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.s390x",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.s390x",
"product_id": "dirmngr-2.5.5-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product": {
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product_id": "gpg2-2.5.5-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.x86_64",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.x86_64",
"product_id": "dirmngr-2.5.5-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product_id": "gpg2-2.5.5-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.aarch64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.s390x"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.x86_64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.5-160000.3.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-lang-2.5.5-160000.3.1.noarch"
},
"product_reference": "gpg2-lang-2.5.5-160000.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-14T10:23:16Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
MSRC_CVE-2025-68973
Vulnerability from csaf_microsoft - Published: 2025-12-02 00:00 - Updated: 2026-01-06 14:36Summary
In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-68973 In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.) - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-68973.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"tracking": {
"current_release_date": "2026-01-06T14:36:10.000Z",
"generator": {
"date": "2026-01-06T20:17:42.360Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-68973",
"initial_release_date": "2025-12-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-12-30T01:01:21.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-01-03T01:02:22.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-01-06T14:36:10.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 gnupg2 2.4.7-1",
"product": {
"name": "\u003cazl3 gnupg2 2.4.7-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 gnupg2 2.4.7-1",
"product": {
"name": "azl3 gnupg2 2.4.7-1",
"product_id": "20333"
}
},
{
"category": "product_version_range",
"name": "cbl2 gnupg2 2.4.0-2",
"product": {
"name": "cbl2 gnupg2 2.4.0-2",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "gnupg2"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 gnupg2 2.4.7-1 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 gnupg2 2.4.7-1 as a component of Azure Linux 3.0",
"product_id": "20333-17084"
},
"product_reference": "20333",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 gnupg2 2.4.0-2 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20333-17084"
],
"known_affected": [
"17084-1",
"17086-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-68973 In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.) - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-68973.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2025-12-30T01:01:21.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-2"
]
},
{
"category": "vendor_fix",
"date": "2025-12-30T01:01:21.000Z",
"details": "2.4.9-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 7.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"17084-1",
"17086-2"
]
}
],
"title": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…