RHSA-2025:23176
Vulnerability from csaf_redhat - Published: 2025-12-15 07:13 - Updated: 2025-12-19 16:37Summary
Red Hat Security Advisory: Red Hat Quay 3.13.10
Notes
Topic
Red Hat Quay 3.13.10 is now available with bug fixes.
Details
Quay 3.13.10
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.13.10 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.13.10",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23176",
"url": "https://access.redhat.com/errata/RHSA-2025:23176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47913",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59420",
"url": "https://access.redhat.com/security/cve/CVE-2025-59420"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61920",
"url": "https://access.redhat.com/security/cve/CVE-2025-61920"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23176.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.13.10",
"tracking": {
"current_release_date": "2025-12-19T16:37:05+00:00",
"generator": {
"date": "2025-12-19T16:37:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:23176",
"initial_release_date": "2025-12-15T07:13:36+00:00",
"revision_history": [
{
"date": "2025-12-15T07:13:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-15T07:13:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-19T16:37:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.13",
"product": {
"name": "Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.13::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3Ac0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Abd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Af635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3Ae3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Afaba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Ab416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Afdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Aa152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.13.10-1765782391"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T07:13:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23176"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2025-47913",
"discovery_date": "2025-11-13T22:01:26.092452+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "RHBZ#2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"category": "external",
"summary": "https://go.dev/cl/700295",
"url": "https://go.dev/cl/700295"
},
{
"category": "external",
"summary": "https://go.dev/issue/75178",
"url": "https://go.dev/issue/75178"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4116",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"release_date": "2025-11-13T21:29:39.907000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T07:13:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23176"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
},
{
"cve": "CVE-2025-59420",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2025-09-22T18:01:35.379361+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397460"
}
],
"notes": [
{
"category": "description",
"text": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib\u2019s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 \u201cmust\u2011understand\u201d semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed\u2011language fleets, this enables split\u2011brain verification and can lead to policy bypass, replay, or privilege escalation. This issue has been patched in version 1.6.4.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "authlib: Authlib RFC violation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59420"
},
{
"category": "external",
"summary": "RHBZ#2397460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df",
"url": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32",
"url": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32"
}
],
"release_date": "2025-09-22T17:28:53.869000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T07:13:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23176"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "authlib: Authlib RFC violation"
},
{
"cve": "CVE-2025-61920",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-10T20:01:12.833962+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2403179"
}
],
"notes": [
{
"category": "description",
"text": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.5, Authlib\u2019s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url\u2011encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service. Version 1.6.5 patches the issue. Some temporary workarounds are available. Enforce input size limits before handing tokens to Authlib and/or use application-level throttling to reduce amplification risk.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "authlib: Authlib Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61920"
},
{
"category": "external",
"summary": "RHBZ#2403179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403179"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e",
"url": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9",
"url": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9"
}
],
"release_date": "2025-10-10T19:25:07.679000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T07:13:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23176"
},
{
"category": "workaround",
"details": "Users unable to upgrade may manually enforce input size limits before handing tokens to Authlib and/or use application-level throttling to reduce amplification risk.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1342015f8900bc707d1f83ec9cce6d73a63be03ca39f15952d7c30188a5358df_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:1badbeb73cfe6c33bbff6922f778fe967bccbaaff72898a391d02880e765aad7_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:3824fc5efcc434b7af55f83541186eebe666e106f22856daec3844c32a80ac41_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:625daa899431d9a6526e65c8834435cd4b065cc9ad36406023f1ba3820032e9a_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bd1a02c47b6c32010fe19de6a994577b2c49ed692606d185d4252bb5ba347ecb_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:32d1326be0b497a153790a58572bb83555d7fe756e782d719d31fd0912769bf4_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:45b58ff658a6736e113db8b69f1e762bf8ead59110903f5a2adc16ebf6cb532e_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8f2d0fc57d36feafb662d28136ebec46bad9047640cf126f2f4f49777ef5b357_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b416224b4baa5a3c8663454f355aee800e327b28c6f19e0618b64b55f8daaf37_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:042fad54f97a923749bb9e28357f44c9ad55cc3e02ebd93386170d90aba8aed0_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:83ed8f834f7f93e91ef92c4e62dd37ad41149a52a8feecc5221daff3eb24ec27_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:92f9ae720c5c444a3e81ca42987152a689d2eaaa661e28b4cbc0363f1eaf56ce_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f635f510c78e52dedc4cbd4b721cc98446a58a03d6f245713e3aaf6ba6f6dd57_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0bb986d4f52cef09dd9a104660426a69d1f2c252b2f604758ae39a7cbaf7ee9b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5e4bfa8a9a4aa227922af4e35dcb3f659d1672d53c4c79bc35d0594b7cabbae7_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:6b8ae3a48b6237c6c689f1e62b3bb4eea645b5a3797a4e09e4a308f84f0c9ee7_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e4a2e7576bdf731816856a1c24c8d18292fe01df37393f845111a6df18b61a8_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:c0a8c5f5454426844c43f8732ed512ab30b5d4bd3e799fa3f133670d0ea431d5_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:38bcfcb8b18b9d0a84b108c9fde55fcda053c7cdbfc6f99639dd32d05f964756_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:9dd0249bc2ed6b1c2b26de52217d491204c925df3012df3ee3aeaaaa52b831b0_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:faba929adc7958495dae063add6f0e67b5c2a92cd5848b16e88654aec51cb5a9_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:fdee61c8dad676392456956ee47d5404f4b7bbf341453322d14feb71eb7660ab_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:e3bda08789b2ba41154d080a5f013ee0e2406d60f8414e63be451a6439555cc1_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:711b4047d6732b195af78cda60bdc7baba8fc64ec3bc67e566aab05f14ef54f6_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:71895379c0dca4fca449a1aee75d8aad06e1e72be3dee726cbe4c4f8fbe84fe2_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:9598f801ee479cb633d512b63a95659e05dbbd8d867e383dca5867f09e97e145_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:a152946ac895db8778f8db536f644a8a8b54f5db329918a8a9442e7aa729dc8c_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:0b00334468578780a4e4b34c03260e57aa07ec47b0d4860b17c8ec964eb7634d_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1d15d8b7f90327a4216efba353d61c94a9438e5a8df3e68da44907816943d0d3_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:28b200a0ba2c8095d93fc95edbdcdf83b2507a7379f2842fc0a1b7cc5fdd839c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:3d24fd39236e7f3180ff2cbef7a28e2e30d9609f6ec0538a41ad4a602eabd12e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "authlib: Authlib Denial of Service"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…